Zoom has agreed to pay $85 million to settle a lawsuit that accused the video communications company of violating user privacy and allowing other parties to access Zoom calls.
The lawsuit says that Zoom shared data of millions of its users with big tech companies like Google, Facebook, and LinkedIn.
The suit further alleges that the company, even with end-to-end encryption, failed to take action on Zoombombing, where third-party users jump into Zoom calls to disrupt or draw attention away from the host, usually by sharing graphic or disturbing content.
The lawsuit began at the US District Court in San Jose, California since earlier this year. In a Reuters report released on August 1, Judge Lucy Koh had previously ruled in March that Zoom was mostly immune from accusations of Zoombombing under Section 230 of the Communications Decency Act.
The act prevents online platforms from being held responsible for user content.
A preliminary settlement was filed with the court on Saturday, which still needs the judge’s approval.
The settlement terms require Zoom to implement new security measures, including alerting users when meeting hosts or participants use third-party apps in Zoom meetings.
A history of privacy shenanigans
As with any other significantly large tech company brought to justice over such failings, Zoom denied any wrongdoing in agreeing to settle. In a statement, the company added that privacy, security, and trust are important to its operations.
In November, zoom entered a consent agreement with the US Federal Trade Commission over allegations that it misled users regarding privacy features, including encryption.
In the agreement, Zoom agreed to establish and implement a security program, agreed to a prohibition on privacy and security misrepresentation, and provide adequate protection for its user base.