Springe direkt zu Inhalt

Freie Universität Berlin to Continue Using the Video Conferencing Platform Webex

The Executive Board says use of the program this upcoming winter semester is legally compliant

№ 146/2022 from Sep 09, 2022

Freie Universität Berlin will continue to use the video conferencing platform Webex (supplied by Cisco Systems), with the Executive Board stating last Friday that it is confident that it can be used in a legally compliant manner for the upcoming winter semester. In August of this year, Freie Universität Berlin was instructed by Berlin’s Commissioner for Data Protection and Freedom of Information to cease using the platform by the end of September, as the commissioner’s office was unable to see any way of operating the software in a manner that complied with the applicable legal requirements. Freie Universität proposed a meeting with the Berlin Data Protection Authority scheduled for mid-September to discuss the use of the video conferencing software.

The Executive Board has stated that from the very outset the plan to introduce Webex was supervised by a team of legal experts under the leadership of the university’s data protection officer, Dr. Karsten Kinast, by the Office of the General Counsel, and by technical experts at the university, adding, “Since 2020 numerous measures have been implemented aimed at improving the level of data protection at our university and maintaining this in accordance with the European Union’s standards.” The main points of criticism made by Berlin’s Commissioner for Data Protection were “taken very seriously and reviewed meticulously” and the university has “remained in constant contact with the commissioner’s office regarding this issue.” As yet there has been no single legal position adopted throughout Germany by the data protection authorities that uniformly governs video conferencing systems whose suppliers are based in the United States.

Freie Universität Berlin has made the following efforts over the past few months:

  • The contractual terms of the data processing agreement with Cisco have been consistently adapted following the Schrems II judgment published by the European Court of Justice (ECJ) and the current standard contractual clauses issued by the European Commission. The most up-to-date version of the contract offers an ideal depiction of data streams when Webex is used at Freie Universität Berlin. Given the controversial legal situation surrounding data transfers to the US, the requirements of the General Data Protection Regulation (GDPR) are being strictly observed. Aside from this, the university is engaged in ongoing discussions with Cisco in order to factor future legal and political developments into its contractual clauses.
  • The processing of content data from Webex meetings (such as video transmission in its own right or uploaded files) does not take place in the US, but is instead carried out on European servers. These servers are located at a data center in Frankfurt am Main. In the event of technical difficulties, such processing is carried out on servers at a data center in Amsterdam.
  • Since April 2022 all members of the university have been able to avail themselves of end-to-end encryption when launching meetings. The chat function in Webex has been fully end-to-end encrypted since the Webex app was introduced in March.

At the meeting with Berlin’s Commissioner for Data Protection and Freedom of Information planned to take place in September regarding the use of this software, the Executive Board of Freie Universität would like to discuss any additional points of criticism and engage in a dialogue centered around constructive ideas on how to further improve data protection. The Executive Board would like to explain the overall situation in all its complexity and outline potential solutions. In addition to the president of Freie Universität Berlin Prof. Dr. Günter M. Ziegler, other representatives from the university management will also attend the meeting.