Zoom to Pay $86m Settlement for US Class Action Privacy Lawsuit

Zoom Lawsuit

Video-conferencing giant, Zoom has agreed to settle a US class-action privacy lawsuit for $86m, according to BBC News. The lawsuit, filed in March 2021 in the US District Court in the Northern District of California, alleges that “Zoom has made harmful misrepresentations and failed to secure Zoom meetings.” The preliminary settlement still requires the approval of US District Judge Lucy Koh in San Jose, California. The settlement includes a stipulation that the defendant provides all staff training in data handling and privacy.

Private Data

The lawsuit specifies two areas where the plaintiffs believe that Zoom failed in their responsibility to keep their user’s privacy protected. The lawsuit first states that Zoom allegedly shared users’ personal data with third parties such as Facebook, Google and LinkedIn. This personal data, according to the claim, was used to track users’ online activities and is a breach of their privacy.

According to the lawsuit, the plaintiffs allege that “their data is shared with Facebook even before they see the TOS.” Specifically, the lawsuit claims that even downloading certain versions of Zoom’s iOS app triggers the action of data being sent to Facebook. The plaintiff has a similar claim against Zoom’s Android app in regards to LinkedIn.

Zoom Security Concerns

The plaintiffs also accuse Zoom of misleading users with its statements regarding offering end-to-end encryption, as well as for failing to prevent “zoombombings”.

“Zoombombings” occur when hackers breach the Zoom security for the express purpose of hijacking meetings. This can be to the extent of causing harm or just as a prank. One recent “zoombombing” occurred during a New York City Council event where hackers began streaming porn on the virtual call, which was quickly shut down.

The “zoombombing” phenomenon has caused many companies to move away from Zoom as a platform for business meetings.

Zoom’s security is under fire for various vulnerabilities, including a weakness that allowed a hacker to remove meeting attendees, takeover shared screens, and spoof user messages. Although they deny any wrongdoing, Zoom has agreed to improve its security protocols according to BBC News. Per a statement made by a company spokesman to BBC News, the privacy and security of Zoom’s customers are the company’s top priorities.

“We are proud of the advancements we have made to our platform, and look forward to continuing to innovate with privacy and security at the forefront.” a Zoom spokesman went on to say in the statement.

Who is Included in the Lawsuit Against Zoom?

According to the lawsuit, it was filed on behalf of both Zoom Meetings paid US subscribers, as well as US users with free subscriptions. The plaintiff’s lawyers stipulate in their filing that since US subscribers have generated $1.3 billion in revenues for Zoom, subscribers should be eligible for 15% refunds on their subscriptions or $25 (whichever is larger) and US free subscribers should receive up to $15.

The plaintiffs’ lawyers are said to be seeking an additional $21.3m in legal fees from Zoom.

Zoom’s legal team had requested the motion be dismissed in March, but their request was denied.

This is not the only legal complaint facing the US-based video-conferencing platform.

Security research coordinator
Kat is an IT security business consultant with experience in project management, process development, and leadership. She coordinates our team's research efforts in the field of cybersecurity, privacy, and censorship.