Video-conferencing company Zoom has agreed to improve its security practices and pay a fine of $85m to settle a legal challenge over privacy.
A lawsuit alleged that Zoom Video Communications Inc., violated the rights of its users by failing to prevent zoombombing and by sharing their personal data with social networking sites Facebook, Google and LinkedIn.
In March, Zoom asked the court to dismiss the motion. Then, on Saturday, the San Jose-based company filed a proposed settlement that now awaits the approval of California District Judge Lucy Koh.
The settlement does not include any admission of wrongdoing. Under the preliminary deal, plaintiffs in the proposed class-action suit who were Zoom subscribers would be eligible to claim $25 or a 15% refund on their subscription. Other users would only be eligible to receive up to $15.
The plaintiffs’ lawyers claim that Zoom Meetings’ paid subscribers generated $1.3bn in revenue for the company. Another hearing in the case is set for October.
Zoom said in a statement: “The privacy and security of our users are top priorities for Zoom, and we take seriously the trust our users place in us. We are proud of the advancements we have made to our platform and look forward to continuing to innovate with privacy and security at the forefront.”
As part of the proposed settlement, Zoom agreed to bolster its security by providing its employees with training in data handling and privacy. The company also said it would alert users when Zoom meeting hosts or participants use third-party apps during a meeting.
The class-action lawsuit, filed in March 2020 in the US District Court in the Northern District of California, is just one of multiple legal complaints that have been lodged against Zoom.
In another class-action lawsuit, Cullen v. Zoom Video Communications, Inc., California consumers accused the video-conferencing company of sharing their personal data with Facebook and other third parties without giving proper or adequate notice.
The plaintiffs claimed that after they installed Zoom, the company gathered their personal information and later disclosed it without their consent to third parties.
Source: Infosecurity Magazine