Zoom agrees to pay $86m to settle privacy lawsuit

Zoom agrees to pay $86m to settle privacy lawsuit

Image:
Zoom agrees to pay $86m to settle privacy lawsuit

The company will provide its workers with specialised training in data handling and privacy going forward

Video-conferencing service Zoom has agreed to settle a class action privacy lawsuit in the US for $86 million (£61.8 million).

The lawsuit, filed last year, alleged that Zoom breached millions of users' privacy by sharing their personal data with Facebook, LinkedIn and Google.

It also accused the company of failing to prevent threat actors from disrupting Zoom meetings, and misguiding users by claiming that it offered end-to-end encryption.

Zoom denied any wrongdoing, but did promise to improve its security practices.

As part of the settlement - which is subject to approval from US District Judge Lucy Koh in San Jose, California - Zoom will provide its workers specialised training in data handling and privacy.

The company will also set up a cash fund of $85 million to pay 'valid claims, notice and administration costs, Service Payments to Class Representatives, and any attorneys' fees and costs awarded by the Court'.

The paid subscribers included in the class action lawsuit would be eligible to receive $25 or 15 per cent refunds on their subscriptions, whichever is larger, while free users could receive up to $15.

The plaintiffs' lawyers intend to seek an additional $21.3 million for legal fees.

Zoom was launched in 2013, but its popularity grew rapidly last year after the pandemic forced people to stay at and work from home.

Zoom's growth also brought huge pressure, however, as the company struggled to deal with security issues with its service.

Motherboard examined Zoom's iOS app in March 2020 and found it sending data to Facebook. Its report claimed that every time a Zoom user logged on for a conference call, the programme sent Facebook the user's details, including their city, timezone, device model, mobile carrier and unique advertising identifier.

Following Motherboard's report, Zoom user Robert Cullen of Sacramento filed a lawsuit against the company, accusing it of disclosing users' data to outside firms without receiving prior consent.

Cullen's suit also alleged that Zoom allowed hackers to disrupt meetings with inappropriate messages, pornography, or other disturbing content in 'Zoombombing' incidents.

The lawsuit was filed on behalf of Zoom Meetings' paid subscribers and free users, seeking damages under California's Consumer Privacy Act.

'[The] defendant knew or should have known that the Zoom App security practices were inadequate to safeguard the Class members' personal information and that the risk of unauthorised disclosure to at least Facebook was highly likely,' the lawsuit stated.

A Zoom spokesman told the BBC, "The privacy and security of our users are top priorities for Zoom, and we take seriously the trust our users place in us.

"We are proud of the advancements we have made to our platform, and look forward to continuing to innovate with privacy and security at the forefront."

The next hearing in the case is set for October.