The video conferencing tool “Jitsi Meet” in a data privacy and usability test
Ever since the Corona outbreak, video conferencing tools such as Zoom and Microsoft Teams have become indispensable in the modern workplace. They enable vis-à-vis conversations and meetings across city boundaries. And in times of a pandemic, across exit restrictions. But have you heard of Jitsi Meet? Jitsi Meet is an open source software for video conferencing, which is especially useful in times of the Criticism of the larger providers. It could be a real alternative. We put the Jitsi Meet app under the microscope in our test lab and tested it in terms of both data privacy and usability.
The advantages of open source software
First of all, there is a lot to be said for Jitsi Meet. As open source software, third parties can view and easily review the app’s code. As a result, it has received a lot of attention in recent weeks. Mostly due to the fact, that any vulnerabilities in the code can be discovered and fixed quickly. Another advantage is the possibility to use Jitsi Meet either via a public instance (as e.g. meet.jitsi.si) or run it over your own server (you’ll find the guide here). The latter allows users to customize the software themselves and control access.
Jitsi Meet in the data privacy test
While our app tests of well-known teamwork apps produced unsightly results, we did not discover any irregularities in the Jitsi Meet app (iOS / Android). Although several trackers are integrated and Google connections to servers in EU and non-EU countries exist, Jitsi Meet performs much better in comparison. Moreover, the app version from the F-Droid store does not contain any trackers. Therefore, we can recommend it as a more privacy-friendly alternative to the version from the Play Store.
Encrypted connections available?
Regardless, the same applies to video conferencing tools as to all other apps and mobile applications: Connections should always be encrypted. It is true that Jitsi Meet, like most other tools, offers transport encryption (TLS) of the connections at all times. But in addition, the app is one of the few video conferencing tools that encrypts end-to-end between two participants. That is, across all transmission stations from the sender to the receiver. However, this type of encryption is currently only available via the browser for conferences with more than two participants. However, this is also to be implemented for the mobile applications in the near future.
Usability of Jitsi Meet
Just like its big competitors, Jitsi Meet offers the function of holding video conferences including screen sharing and chat. Basically, no account is required for use, only the web browser or the Android or iOS app. Accordingly, the application does not store any sensitive account data. Each conference room created receives its own link and optional password protection. Furthermore, Jitsi Meet uses the open source tool WebRTC, so it runs on all modern browsers (ideally via Google Chrome/Chromium). That notwithstanding, there may be limitations when using public Jitsi instances. This is because these do not have a subscriber limit and can therefore have varying degrees of load at different times. As a result, both quality and reliability can suffer, which is why it is recommended to use your own server.
What we can say about the data privacy of Jitsi Meet:
Basically, we can recommend Jitsi Meet as an alternative to the big teamwork apps. Although users may have to accept losses in performance, the open source approach ensures significantly more security in terms of data protection, which is extremely important, especially for sensitive business conferences. In addition, the end-to-end encryption represents an important cornerstone of data security and thus promotes Jitsi Meet to one of the few privacy-compliant alternatives for the large video conferencing tools.