There are more repercussions for Zoom’s earlier privacy and security lapses. According to Reuters, The company has settled a lawsuit accusing the video chat giant of violating customer privacy and allowing ‘zoombombing’ (that is, allowing trolls to open windows into other people’s conversations).
As part of the preliminary settlement, Company staff will also receive special privacy-oriented training as well as warnings about participants using third party apps.
According to Judge Lucy Koh, the company was largely protected from zoombombing claims by Section 230 of the Communications Decency Act, which protects users from liability for their actions.
If the lawsuit is approved as a class action, there may also be payouts, but don’t expect a windfall. Members will receive either a 15 percent or $25 refund, whichever is larger, whereas everyone else will receive up to $15. A total of $21.25 million in legal costs was intended to be collected by lawyers.
The company denied doing anything wrong in a statement, touting privacy and security as one of its “top priorities.” The company settled a similar complaint, as well as the permanent web server it installed on Macs, with the Federal Trade Commission last year.
Video chat provider Zoom scrambled to improve its security following pandemic-related overuse that revealed software and service vulnerabilities.
Beginning in October 2020, it will roll out end-to-end encryption, conduct reviews, and making zoombombing more difficult. The fixes came too late, however, and the settlement is a cautionary tale for companies who only belatedly tighten security for their apps.