Universities, schools, businesses, and nearly everything else have taken to online video conferencing in the wake of COVID-19 Stay-at-Home orders. However, quick changes and unexpected growth on the popular video conferencing app Zoom have opened up vulnerabilities to hackers and others who would abuse the system. So-called “Zoom-bombing” and other forms of online sexual misconduct can expose students and employees to unwanted sexual material and take harassment online.
Zoom-Bombing Disrupts Schools, Spiritual Gatherings, and AA Meetings
Students from a California high school in Conejo Valley logged into a Zoom video-conference for a district-wide public meeting. The video conference was supposed to help students and families understand school closures, cancelled events, and stay-at-home learning while the district was closed due to COVID-19 and the statewide Stay-at-Home order. Then moments before the meeting was about to start, many unrecognized users logged in too, chanting the N-word and sharing their screens depicting close-up pornographic images. Before the school could respond, school board members were sexually harassed and threatened. Someone threatened that they could discover home addresses through a process called doxing. Jordan Scott, a 17-year-old Senior and AP Honors student told the Los Angeles Times:
“I immediately closed my laptop. . . . I was uncomfortable — being a female, and 17 years old, and African American, hearing the N-word, watching sexual intercourse knowing that my male colleagues were watching the same thing that I was looking at, hearing sexual harassment directed at my female colleagues … I felt like it would be best to just remove myself from the meeting.”
- Disrupted online Alcoholics Anonymous meetings by showing GIFs of people drinking as custom backgrounds
- Written racist messages in a meeting of the American Jewish Committee in Paris
- Used the annotation feature to write racial slurs across presentation slides during a meeting of the Concordia Forum, a network of Muslim leaders
Zoom-Bombers Use Social Media and Chat Apps to Coordinate Attacks
Hijacking of video conferencing has become so prevalent in the midst of the Coronavirus pandemic that the FBI was forced to issue warnings against the activity. The numbers of unauthorized users in some meetings show that this must be a coordinated effort. The New York Times reports that harassers have been sharing strategies and information through social media, including Twitter and Instagram, and through private chat groups like 4chan and Discord. There, they coordinate what they call “Zoomraids” of password-protected video conferences and publicly available online school rooms.
What Hosts Can Do to Prevent Online Sexual Misconduct
The first line of defense to Zoom-bombing comes in the settings when a host creates a video conference. Zoom has published articles explaining what options are available to limit who can control the video call, and what users can or cannot do during the meeting. To prevent unwanted sexual imagery or slurs, hosts should:
- Avoid publicly sharing a Personal Meeting ID (the number users need to find your Zoom call)
- Use a Waiting Room to screen who is allowed to come into the meeting room
- Require users to log in with a password
- Disable custom backgrounds that allow users to show images as a backdrop
- Prevent participants from sharing their screen
- Mute participants upon entry, or when they become disruptive
- Turn off file transfers and annotations
- Disable private chat
- Remove disruptive participants
Some of these features will be a necessary part of the work done on Zoom, but not every meeting needs every feature. By increasing their privacy and security settings, it allows schools, employers, and other organizations to take reasonable steps to stop online sexual harassment and abuse during their video conference meetings.
What Victims of Zoom-Raids Can Do to Get Relief
However, one thing the invention of Zoombombing has shown is that the hackers are quicker to invent new ways to harass people than organizers are to prevent them. That means that hundreds of students and adults have become the victims of these Zoom-Raids, exposed to sexual harassment, pornography, racial slurs, and other highly offensive content.
The FBI has called teleconference hijacking a cyber-crime. The agency encourages the victim of Zoombombing to contact the FBI’s Internet Crime Complaint Center. Those who have been the direct victim of threats can also report the harassment at tips.fbi.gov. At least one U.S. Attorney’s Office in the Eastern District of Michigan has partnered with state and local law enforcement to charge Zoom-bombers with:
- disrupting a public meeting
- computer intrusion
- using a computer to commit a crime
- hate crimes
- transmitting threatening communications
When Zoom-bombing happens during work or school-related video conferences, the victims may also be able to seek relief under state and federal anti-discrimination laws such as Title VII and Title IX of the federal Civil Rights Act. Where the Zoom-bomber can be identified, you may even be able to sue them directly for intentional infliction of emotional abuse or other claims related to their online harassment.
The legal response to Zoom-bombing is in its infancy, but preventing online sexual harassment is not. At ADZ Law, LLP, we understand how federal and state laws can be used to protect you and your children from sexual harassment. We can help you file complaints with the FBI and local police, and advocate on your behalf to make sure Zoom-bombers are held responsible for their actions. We will also stand with you in court and help you get relief for the sexual harassment you have faced. We invite you to contact ADZ Law, LLP to schedule a consultation to learn more about our team, and how we can help you.