Zoom settles $85 million lawsuit over 'zoombombing', privacy policies

Zoom has agreed to provide specialised privacy and data handling training to its employees

Zoom has agreed to pay $85 million (£61 million) and improve its security practices to settle a lawsuit that claimed it violated users’ privacy rights when it shared personal data with Google, Facebook, and LinkedIn.

The deal will also see Zoom take additional steps to prevent so-called 'zoombombing attacks', a tactic that involves users gaining unauthorised access to Zoom rooms in order to disrupt a meeting, something that proved popular during lockdown.

Zoom agreed to provide specialised privacy and data handling training to its employees as well as implement new security measures, including providing alerts to users when participants in a meeting use third-party apps during the session, as reported by Reuters.

Members from the proposed class action lawsuit would be eligible for 15% refunds on their core subscriptions, or $25, whichever is larger, and others could receive up to $15. The preliminary settlement was filed on 31 July and still requires approval from US District judge Lucy Koh in San Jose, California.

In agreeing to settle, Zoom denied any wrongdoing.

“The privacy and security of our users are top priorities for Zoom, and we take seriously the trust our users place in us. We are proud of the advancements we have made to our platform, and look forward to continuing to innovate with privacy and security at the forefront,” a spokesperson from the company told IT Pro.

Related Resource

The new leadership mindset for data and analytics

How to grow your data and analytics talent, empowering a data culture from the inside out, and more

Business people looking at and standing on a chart of stats - whitepaper from AWSFree download

The plaintiffs’ lawyers called the settlement reasonable given the litigation risks, despite the company having collected around $1.3 billion in Zoom Meetings subscriptions from class members. The lawyers also plan to seek out up to $21.25 million for legal fees.

In February, the FTC finalised its settlement with Zoom, where it threatened to impose strict penalties if the service failed to uphold government-mandated security requirements. The FTC had complained that Zoom misled users by claiming to offer end-to-end 256-bit encryption when in reality it maintained the encryption keys. The complaint also stated that Zoom stored unencrypted meeting data on its servers for up to 60 days before moving it to secure cloud storage.

Last August, a virtual hearing for the trial against a teenager accused of July’s mass Twitter hack was cut short after the meeting was hijacked by members of the public. The conference call was hijacked by a series of interruptions, which included 15 seconds of a pornographic clip. The practice is known as ‘Zoom bombing’ where unauthorised users repeatedly join a Zoom call and interrupt the meeting taking place, if they have access to its joining details.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Podcast transcript: Should the US cyber army be more aggressive?
cyber warfare

Podcast transcript: Should the US cyber army be more aggressive?

22 Oct 2021
The IT Pro Podcast: Should the US cyber army be more aggressive?
cyber warfare

The IT Pro Podcast: Should the US cyber army be more aggressive?

22 Oct 2021
CISA, FBI and NSA publish BlackMatter ransomware warning
ransomware

CISA, FBI and NSA publish BlackMatter ransomware warning

19 Oct 2021
US links $5.2 billion in Bitcoin transactions to ransomware
ransomware

US links $5.2 billion in Bitcoin transactions to ransomware

18 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021