“Zoombombing” Just Cost Zoom $85 million: Data Privacy Trends

Assuming the settlement agreement is approved, that is.  According to TechCrunch, Zoom has agreed to pay $85 million to settle a lawsuit that accused the video conferencing giant of violating users’ privacy by sharing their data with third parties without permission and enabling “Zoombombing” incidents.

“Zoombombing”, a term coined by TechCrunch last year as its usage exploded because of the pandemic, describes unapproved attendees entering and disrupting Zoom calls by sharing offensive imagery, using backgrounds to spread hateful messages or spouting slurs and profanities.

The lawsuit, filed in March 2020 in the U.S. District Court in the Northern District of California, also accused the firm of sharing personal user data with third parties, including Facebook, Google and LinkedIn.

In addition to agreeing to an $85 million settlement, which could see customers receive a refund of either 15% of their subscription of $25 if the lawsuit achieves class-action status, Zoom has said it will take additional steps to prevent intruders from gatecrashing meetings. This will include alerting users when meeting hosts or other participants use third-party apps in meetings and offering specialized training to employees on privacy and data handling.

“The privacy and security of our users are top priorities for Zoom, and we take seriously the trust our users place in us,” Zoom said in a statement. “We are proud of the advancements we have made to our platform, and look forward to continuing to innovate with privacy and security at the forefront.”

The settlement requires approval from U.S. District Judge Lucy Koh in San Jose, California, to be finalized.

Having been in a couple of meetings early on in the pandemic where “zoombombing” took place, I can say that Zoom, which experienced a “Zoom boom” in usage from 10 million daily users in December 2019 to as many as 300 million daily users by April 2020, put several mechanisms in place quickly to provide additional security to their meetings, including end-to-end encryption (which I covered here last year).  I haven’t experienced a “zoombombing” incident in a long time – have you?  And, hey, $85 million is nothing compared to the sanction that Amazon recently received.  Could be worse! 🙂

So, what do you think?  Do you have concerns about the security of your Zoom conferences and your data managed by Zoom?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Leave a Reply