Skip to content

Illustration by Security Management

Preliminary Settlement Reached Over Zoom-Bombing, Privacy Issues

Zoom has boomed during the past two years, especially as millions of companies worldwide shifted to remote work and relied heavily on the video-conferencing service to keep in contact with coworkers and customers. However, early privacy and security errors shadowed the company’s rise.

Now, Zoom has agreed to pay $85 million to settle a class action privacy lawsuit that alleged the company invaded millions of users’ privacy by sharing personal data with Facebook, Google, and LinkedIn; that it misstated that it offered end-to-end encryption; and that it failed to prevent hackers from “Zoom-bombing” video sessions.

While the company denied any wrongdoing, it has agreed to boost its security practices, according to the BBC. The preliminary settlement—which is subject to court approval—would be allocated to users who paid for an account; they would be eligible to receive either 15 percent of their subscription or $25—whichever is higher. Users who did not have a paying account would be eligible to receive up to $15.

The settlement requires Zoom to give its staff training on handling data and privacy. Zoom has also agreed to provide in-meeting notifications to make it easier for users to understand who can see, save, and share users’ information and content, according to ZDNet.

Zoom had already started to rectify some trust and security challenges last year, as reported by Security Management, including preparing a transparency report, enhancing bug bounty programs, and conducting penetration tests. In addition, it announced that it would make true end-to-end encryption—a step further than the transport encryption it was previously using—an advanced add-on feature for all users.