The content of Zoom meetings can be captured by other means than AI bots. Some web services use screen recording tools or browser apps that allow individuals to capture the content of publicly available Zoom events. Cornell Zoom events have been found in online listings of such “webinar” offerings without the host's permission or knowledge.

To reduce the likelihood of unauthorized capture and distribution of Cornell Zoom meeting content, steps have been taken by Zoom administrators to minimize violations of Cornell Zoom participant privacy and data security.

In addition, hosts and participants who would like to reduce the possibility of unwanted capture, recording, and possible distribution of Zoom events should consider the following actions.

Reduce the Likelihood of Unauthorized Access During Registration

• For private sessions, do not post registration links publicly. 
  When registration is shared broadly, anyone—including automated agents—can attempt to join.
• For public meetings, assume recording and/or streaming is possible. 
  If the session is open to the public, the risk of external recording increases.
• For meetings or events that require registration, deny registrations from suspicious or unusual email addresses.

Reduce the Likelihood of Unauthorized Services Joining Events

We recommend enabling the following settings for maximum protection. 

Zoom settings can be accessed by logging in to https://cornell.zoom.us/profile/setting. 

• Enable Only authenticated meeting participants and webinar attendees can join (under Settings > Meeting > Security)
  This will require meeting participants to log in in order to join your meeting.

• Enable Only authenticated users can join meetings from Web client (under Settings > Meeting > Security)
• Disable Show a "Join from your browser" link (under Meeting > In Meeting (Advanced))
  However, be aware this can also limit users with older systems from joining if they cannot run the Zoom desktop client or mobile app. So, only disable this setting if you are sure all attendees of all your events can join via the Zoom desktop client or mobile app and will not need to join via web browser.
• Enable Require solving a CAPTCHA for guest users (users who are not signed in) (under Meeting > In Meeting (Advanced))
  If you do leave the Join from your browser setting turned on, consider checking the Require solving a CAPTCHA for guest users (users who are not signed in) box to require CAPTCHA authentication.
• Enable Waiting Room (under Webinar > Security)
  This allows you to control admission to your event manually using the Waiting Room.

Other Mitigation Methods to Protect Content

• Disable “Record to computer files” (in Zoom account settings, under Recording > General)
  This prevents participants from saving local copies and denies requests to allow local recording.
• Carefully vet participants before admitting them. 
  The bot or service may register using disposable email domains such as “.xyz,” “bestwest.space,” “westcentral.us,” “natureway.space,” “laserghost.store,” and others.
• Pay special attention to registrants with IP locations of Council Bluffs, Iowa (Google Cloud) 
  When combined with unusual email domains, this pattern has appeared consistently in unwanted bot and recording services.
• Remove or disable any browser extensions associated with WebinarTV.us, MeetingTV.us, or similar services. 
  Be cautious of extensions such as “Auto Join for Google Meet,” “GoTo Webinar / Meeting Download Recordings,” and “Meet Auto Admit,” which may also interact with these platforms.