KIT has procured Zoom licenses centrally.

Zoom enables unlimited video conferencing and virtual meetings with up to 300 participants (including screen sharing and chat). Zoom offers straightforward use and high stability - even with many participants. It is a complement to the use of Microsoft Teams, especially when many non-KIT members are involved. Please refer to the risk and protection assessment of online communication services (only accessible from the KIT network or via VPN) at KIT of the Information Security Officer.

In addition, individual licenses are available for larger cohorts of participants up to 500 or 1000 participants. If you have a corresponding need, please contact us.

Do you have any questions?

Then please contact us by mail: elearning∂studium.kit.edu

Information about the use of Zoom at KIT for other events outside of teaching can be found on the Campus Services pages.


Privacy policy for Zoom at KIT

  • Privacy policy for Zoom

    Within the scope of its possibilities, KIT endeavors to use data protection-compliant solutions for online teaching. Due to the currently unfeasible scaling of the existing services, it was necessary to resort to the cloud-based online setting. Lecturers and students are free to decide whether or not to use a cloud-based service, knowing what data protection concerns exist on the one hand and how temporally indefinite possible alternatives to using the cloud-based service will be on the other.KIT ensures that non-utilization of cloud-based services is not sanctioned (e.g., by ensuring that students are not charged for missed deadlines caused by non-utilization of cloud-based teaching services or examinations) and thus also follows current resolutions of the Conference of Ministers of Education and Cultural Affairs.

    KIT has taken extensive measures to raise the use of cloud-based services to a level acceptable under the circumstances of Corona. For example, the use of Zoom at KIT is governed by an order data processing contract that has been adapted in response to KIT's requirements. In particular, KIT has succeeded in structuring the passage on the possibility of passing on personal data in accordance with data protection. In addition, settings and recommendations for data-saving use and for minimizing risks from an IT security point of view have been worked out and implemented.For example, students can participate in the sessions without having to activate their microphone or webcam, and they do not have to give their real names. Students are provided with comprehensive information about data processing via a privacy statement.

  • Criticism of Zoom

    The Zoom implementation has been configured by KIT for data-saving use in order to minimize risks. For example, log-in via Facebook, feedback options to Zoom, and user-related statistics are disabled. Zoom is used by KIT via EU data centers; other data centers, e.g. in the USA or China, are deactivated.

    Lecturers can only use the software on a voluntary basis after confirming that they have read and understood the privacy policy for the use of Zoom. In addition, KIT has made extensive settings that further increase the data protection level of the software compared to the default settings.

    The use of Zoom is currently being discussed and commented on in the press. Among other things, the data protection statement provided by Zoom itself has been criticized and there have been reports of wilful disruption or vulnerabilities in the software. However, the provider has responded to the comments and criticism in the short term, in particular by improving the software and settings.

    Comments from Zoom

    The provider has recognized the high importance of the topic of data protection and information security for European users:


    Encryption of meetings

    The University of Toronto's Citizen Lab wrote an article on meeting encryption, among other things, concluding that meetings are not suitable for particularly sensitive communications, but are suitable for typically public or semi-public events such as lectures or seminars.

    Security of access data

    heise Security reports that a research company discovered access data for hundreds of thousands of Zoom accounts for purchase on the Darknet. At least some of the login data is said to have been obtained through automated login data sampling.

    By using Shibboleth, we at KIT are on the safe side in case of a specific attack on Zoom, as no passwords are stored at Zoom via this channel at any time.

    Regarding private Zoom accounts, we would advise you to follow the press and use complex passwords and different passwords for different user accounts in accordance with our practical tips on IT security.


    Update Zoom client required (version 5.8.4)


    For Zoom clients up to and including version 5.8.3, a serious security vulnerability has been identified by the CERT-Bund(source). Therefore, after consultation with KIT-CERT, it was decided to require regularly updated versions of the Zoom client from now on. Your locally installed Zoom client will indicate an available update. Without this update, no meeting can be started with a KIT Zoom account. The update is also required to participate in meetings conducted via KIT Zoom accounts. An update does not require any administrator privileges and can be performed by them. Alternatively, the web interface can of course be used at any time, which essentially offers an identical range of functions.

  • Data protection and information security for users

    We recommend that our users observe the following general aspects.

    • Always use an up-to-date operating system with installed security updates on your PC, laptop or smartphone.

    • Make sure that your virus protection is up-to-date and that you use official app stores.

    • Update applications / apps, esp. web browser and meeting client, regularly.

    • Watch out for fraudulent messages, esp. check links to login or download pages.

    • Use the possible settings for camera / microphone usage on your own system.

    • Do not pass on meeting links or meeting IDs uncontrolled, e.g. via screenshot.

    • Participant names or contributions in the meeting chat should be kept anonymous; meetings are a public space.

  • Privacy-friendly settings for Zoom by KIT

    In addition, extensive settings have been made by KIT to further increase the privacy level of the software compared to the default settings. Locked settings cannot be changed by lecturers, deactivated or activated settings can be changed by lecturers if required. The use of data centers outside the EU is blocked.

    • Automatic start of the camera and release of the own audio are locked when joining a meeting, i.e. participants have to turn on both the own audio and the camera itself.

    • Automatic answering of calls is blocked, because Zoom is used at KIT for teaching purposes only.

    • Recording is only possible for instructors in the cloud. Screen shares as well as audio and images of speakers are included in these recordings. Chat history is not recorded. In each case, recording only occurs if the instructors themselves want it and actively start it. No participants are recorded in the scenarios described above, as they are muted during the recording. They are only made available afterwards via KIT's own systems. Recordings are automatically deleted in the Zoom Cloud after 30 days.

    • Attention tracking is disabled.

    • Machine counting of participants in Zoom Rooms is blocked.

    • Access to other contact data within KIT by Zoom is blocked.

  • Other preferences for a Zoom meeting


    • General information about "Zoombing" or against taking over a Zoom meeting: Meetings were not prepared for publishing the links. If by default sharing of own screen was enabled for participant:s, it was easy for third parties to join the meeting via link and share arbitrary content (often of offensive or even illegal nature) via screen sharing and thus disrupt it. This is better secured by default settings, esp. a random password is created for each meeting room. Lecturers usually make this link available to a closed group of people via ILIAS. Lecturers should update the link regularly if necessary, e.g. by changing the meeting password, in order to limit the risk of distribution.

    • The waiting room for the meeting rooms is activated in the default settings.
      All participants must first be admitted to the room by the moderators. Unwanted or disruptive participants can be removed from the meeting room by the presenters and prevented from re-entering.

    • Screen sharing of participants is disabled by default.

    • Meeting without a password cannot be created. This is blocked.

    • File transfers in chat are blocked and not possible.

  • Contract adjustments with consideration of the Schrems II ruling

    Contract adjustments taking into account the requirements resulting from the Schrems II ruling of the European Court of Justice could be achieved as part of the extension of KIT's Zoom licenses from the summer semester 2021: In connection with the use of cloud providers from the USA, there is the fundamental reservation of potential access by US authorities to personal data of user:s from the EU. Through an addition to the EU standard contractual clauses and further significant, contractual progress, the negative effects of the difficult compatibility of U.S. law and EU law have been contained.

    The contractual negotiations also created more transparency with regard to the processing of personal data, in particular through the guaranteed restriction of data processing to servers in the EU and agreement on a clearly defined group of sub-processors.

    In addition to the contractual design, KIT has also done everything possible to protect Zoom's user:s as well as possible through the careful configuration of Zoom and the well-coordinated deployment scenarios.

    Therefore, it is not to be expected that the use of Zoom will have a negative impact on the rights of users in the context of the use of KIT Zoom licenses.


Zoom access

You can access Zoom as a teacher with your KIT account via https://kit-lecture.zoom.us/. We recommend using the Google Chrome browser.

Remember that you must be granted a Zoom license once before using Zoom(more information on how to apply - page only visible on the KIT network). In addition, you must agree in advance to use Zoom at https://my.scc.kit.edu/shib/zoom.php. Access to Zoom is then possible within a few minutes after agreeing to the privacy policy.

As an alternative to using the browser, you can also install a client. If you have problems with the account and login, please refer to the Zoom FAQs.

The activation of the access and the confirmation of the data privacy statement is only necessary for instructors. Participants do not need to confirm that they have read and understood the privacy policy.

Instructions for Zoom use for students can be found here.

  • Guide to logging in via SSO in Zoom Client
  1. In the client, please click on "Log in with SSO" in the first dialog.
    Anmeldedialog Zoom 1

  2. Then select "kit-lecture" as your company.

  3. Then log in via KIT Shibboleth with your KIT account.

Current clients and apps for Zoom can be found directly on the Zoom pages.