Security of Slack huddles and calls

Looking for details about the security of Slack huddles or calls? You’re in the right place.


Security of Slack huddles and calls

We use the WebRTC standard for real-time communications with the latest recommended security techniques. Here’s how we protect the integrity and confidentiality of a huddle or call:

  • All traffic is encrypted in transit.
  • Media traffic is encrypted with SRTP using a DTLS-SRTP key exchange.
  • Real-time data channel traffic is encrypted with DTLS.
  • HTTPS or secure WebSockets using TLS 1.2 are used for signalling communication with our media server.

Slack huddles and calls fall under the same security programme as the rest of Slack. For more information, review our security policy.


Information stored from Slack huddles and calls

We store certain information about Slack huddles and calls to help us improve the experience and troubleshoot issues:

Huddles

Calls

  • Stored huddle metadata includes where the huddle was started (in a channel or in a direct message), who started it and participated, when members joined or left, and the time that it ended.
  • Stored performance metrics include latency and jitter.
  • To provide media connections with the lowest possible latency or lag, the public and private IP addresses of a device may be shared with other devices while on the same huddle.

Note: It’s not possible to record huddles, and huddles transcriptions are not stored by Slack or Amazon Web Services (AWS).

  • Stored call metadata includes the name of a call, where it was started (in a channel or a direct message), who started it and participated, when members joined or left, and the time that it ended.
  • Stored performance metrics include latency and jitter.
  • To provide media connections with the lowest possible latency or lag, the public and private IP addresses of a device may be shared with other devices while on the same call.

Note: It’s not possible to record or transcribe Slack calls.