September 24, 2021

Volume XI, Number 267

Advertisement

September 24, 2021

Subscribe to Latest Legal News and Analysis

September 23, 2021

Subscribe to Latest Legal News and Analysis

September 22, 2021

Subscribe to Latest Legal News and Analysis

Zoom Agrees to Pay $85M to Settle Class Action

On July 31, 2021, Zoom Video Communications, Inc. (“Zoom” or the “Company”) agreed to pay $85 million to settle a class action suit that alleged the Company violated users’ privacy rights by misleading consumers about encryption security, sharing data through third-party integrations without adequate notice or consent, and failing to protect private meetings from being disturbed by “zoombombings.” Class members would be eligible to receive payment, regardless of whether they paid for a Zoom account.

As part of the settlement, Zoom also agreed to a number of changes to its privacy and security practices. For example, the Company agreed to implement security features, such as waiting rooms for attendees, a “suspend meeting activities” button, blocking users from specific countries and alerting users when third-party apps are used in a Zoom meeting. Zoom also would be required to develop and maintain a documented process for communicating with law enforcement about meeting disruptions involving illegal content, including dedicated personnel to report serial meeting disrupters to law enforcement. In addition, Zoom agreed to implement a user-support ticket system for the internal tracking of and communication with users about reports of meeting disruptions.

The proposed settlement also focuses on consumer education. Specifically, Zoom agreed to: (1) better educate users about the security features available in the app to protect meeting security and privacy; (2) ensure its privacy statement discloses Zoom users’ ability to share user data with third parties via third-party integration software and to otherwise record and/or transcribe meetings; and (3) maintain on its website centralized information and links for parents whose children use school-provisioned K-12 accounts.

With respect to third-party integrations and applications, Zoom agreed to develop and maintain a documented process to be used for admitting third-party applications to Zoom’s “Marketplace.” The Company further agreed that it would not reintegrate certain third-party software development kits (“SDKs”) for a one-year period and that it would, in fact, request certain third parties to delete U.S. user data obtained through certain SDKs.

According to the settlement request, these changes are “designed to improve meeting security, bolster privacy disclosures, and safeguard consumer data.” The proposed settlement must now be approved by U.S. District Judge Lucy Koh.

Copyright © 2021, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XI, Number 216
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct
Advertisement
Advertisement
Advertisement