Summary: The PRIVA SCORE evaluates the data protection features of video conferencing services and open source solutions Consularia Office, Nextcloud Talk, Jitsi and Big Blue Button perform best. They offer the highest level of data protection. Zoom, Google Meet and Skype perform very poorly because, among other things, they use servers in the USA and share metadata with third parties. At the bottom of the list, GoToMeeting does not even offer end-to-end encryption.
Preliminary remarks on the subject of “comfort”: Yes, the tools that perform best here are not as comfortable to use as the products of the big players in some areas. But security and data protection are in the Age of digital capitalism not practical.
But that's what PRIVA SCORE is all about: Despite the complexity of the issue, making it as easy as possible to protect your own data and the data of others - and thus preserve civil liberties! But a little effort is necessary...
The PRIVA SCORE can receive a maximum of 270 points due to the calculation used to evaluate video conferencing tools.
As always, the PRIVA SCORE evaluates how well apps/services Data protection features Standards that are well met by all providers are not evaluated. In this case, this is access control through waiting rooms, passwords, etc. to avoid uninvited guests. Role concepts for assigning rights in the conference (moderation, presentation, participants...) are also offered by all services and are more or less easy to use.
When evaluating video conferencing tools cut the Open-SourceSolutions Nextcloud Talk, Jitsi and Big Blue Button performed best. Not open source, but the new addition Consularia Office scored the highest. These services have the highest level of data protection (249, 222, 228 and 258 points out of a possible 270) of the video conferencing tools compared here. With the open source services Talk, Jitsi and Big Blue Button, there can be variations in the level of data protection depending on who hosts the service. Here it is important to either host it yourself or choose a trustworthy provider.
Surprisingly, the last place is not zoom, rather GoToMeeting. The difference is that GoToMeeting apparently not even End-to-end encryption offers. Nevertheless, Zoom, Google Meet and Skype very poorly (all 90 out of 255 points). This is due, among other things, to Server locationIt is true that Google also operates servers in Europe, but enough data still flows to the USA. Because Meet cannot be used without a Google account. zoom apparently has no European servers and Skype also runs through the USA, although Team can be partially operated via European servers - if a framework agreement has been concluded with Microsoft. And that is usually not the case for the average consumer.
All tools with yellow and red ratings must be viewed very critically in that the data processing has little to no transparent is. Metadata is shared with third parties, and also a anonymous participation is only available at MS Teams possible, but only to a limited extent: There is free choice of names, so that this personal data can be pseudonymized - but not anonymized.
Explanation of data protection features
Server location: To avoid data transfer to (unsafe) third countries such as the USA, users of video conferencing tools should use the option of choosing a server location within the EU. This prevents data from being transferred to countries with lower data protection standards.
End-to-end encryption: Complete encryption of the transmission and storage of video conference data from the user's end device via the provider's server to the end device of other participants protects the confidentiality of the content.
Open-Source: For this feature, a video conferencing tool whose code is openly accessible is the better tool in terms of data protection because it can be independently verified how well the tool protects users' data.
No recording without consent: Video conferences should not be recorded or stored without the express consent of all participants, as this involves personal data.
No metadata transfer to third parties: No metadata such as participant lists or similar should be transferred to third parties outside the EU.
Transparency about data processing: Video conference providers must fulfill information obligations regarding data processing towards participants and create transparency.
Anonymous participation possible: Participants should have the opportunity to participate in video conferences anonymously without registering or providing personal data.
EN 
DE_DE