Zoom settles with the FTC over 'deceptive' encryption claims

Video conferencing firm's security practices "didn't line up with its promises", regulators say

A hand in shadow holding a phone with the Zoom app

The Federal Trade Commission (FTC) has reached a settlement with Zoom after it sued the company for "unfair and deceptive security practices". 

Following the FTC's announcement, shares in the video conferencing service tumbled. Zoom closed at 17.4% lower on Monday, with news of positive coronavirus vaccine data also having an impact, according to CNBC

This also affected a number of stocks for service that had been boosted by the pandemic, such as Netflix (8.6% decline) and Amazon (5.1%), but Zoom appeared to be the worst-hit.

With the onset of the pandemic, and the sudden need to stay home, Zoom saw a massive spike in users, turning into a household name almost overnight. This brought greater scrutiny on the firm and highlighted a number of security issues, one of which being a lack of end-to-end encryption

In its settlement reached with the FTC, the company was accused of collecting user data during recorded conferences. Zoom initially said it had "end-to-end, 26-bit encryption", but in fact, it "provided a lower level of security," the FTC said. 

"During the pandemic, practically everyone - families, schools, social groups, businesses - is using video conferencing to communicate, making the security of these platforms more critical than ever," said Andrew Smith, the FTC's director of consumer protection.

"Zoom's security practices didn't line up with its promises, and this action will help to make sure that Zoom meetings and data about Zoom users are protected."

The FTC has called on Zoom to "implement a robust information security programme" as well as a "prohibition on privacy and security misrepresentations".

In response, a Zoom spokesperson told IT Pro: "We take seriously the trust our users place in us every day, particularly as they rely on us to keep them connected through this unprecedented global crisis, and we continuously improve our security and privacy programs.

"We are proud of the advancements we have made to our platform, and we have already addressed the issues identified by the FTC. Today's resolution with the FTC is in keeping with our commitment to innovating and enhancing our product as we deliver a secure video communications experience."

Zoom is arguably one of the biggest success stories of the year, reportedly recording a 355% revenue increase in the second quarter of 2020. The figures are even more impressive when considering the number of privacy issues it also had to deal with, such as 'Zoom bombing' where unwanted actors invade meetings. 

The service has been used by both remote workers and those stuck at home, to keep in touch with friends and family, but the announcement from Pfizer and BioNTech of a vaccine candidate with a 90% success rate during late-stage trials have suggested Zoom might not enjoy continued success beyond the pandemic. 

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Russia's "politically motivated" REvil raid could be used as leverage, experts warn
ransomware

Russia's "politically motivated" REvil raid could be used as leverage, experts warn

17 Jan 2022
Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp
phishing

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp

21 Dec 2021
Five things to consider before choosing an MFA solution
Security

Five things to consider before choosing an MFA solution

17 Dec 2021
Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
cyber crime

Australia and US sign CLOUD Act data-sharing deal to support criminal investigations

16 Dec 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022
Synology DiskStation DS2422+ review: A cube of great capacity
network attached storage (NAS)

Synology DiskStation DS2422+ review: A cube of great capacity

10 Jan 2022