Zoom settles with the FTC over 'deceptive' encryption claims
Video conferencing firm's security practices "didn't line up with its promises", regulators say
The Federal Trade Commission (FTC) has reached a settlement with Zoom after it sued the company for "unfair and deceptive security practices".
Following the FTC's announcement, shares in the video conferencing service tumbled. Zoom closed at 17.4% lower on Monday, with news of positive coronavirus vaccine data also having an impact, according to CNBC.
This also affected a number of stocks for service that had been boosted by the pandemic, such as Netflix (8.6% decline) and Amazon (5.1%), but Zoom appeared to be the worst-hit.
With the onset of the pandemic, and the sudden need to stay home, Zoom saw a massive spike in users, turning into a household name almost overnight. This brought greater scrutiny on the firm and highlighted a number of security issues, one of which being a lack of end-to-end encryption.
In its settlement reached with the FTC, the company was accused of collecting user data during recorded conferences. Zoom initially said it had "end-to-end, 26-bit encryption", but in fact, it "provided a lower level of security," the FTC said.
"During the pandemic, practically everyone - families, schools, social groups, businesses - is using video conferencing to communicate, making the security of these platforms more critical than ever," said Andrew Smith, the FTC's director of consumer protection.
"Zoom's security practices didn't line up with its promises, and this action will help to make sure that Zoom meetings and data about Zoom users are protected."
The FTC has called on Zoom to "implement a robust information security programme" as well as a "prohibition on privacy and security misrepresentations".
In response, a Zoom spokesperson told IT Pro: "We take seriously the trust our users place in us every day, particularly as they rely on us to keep them connected through this unprecedented global crisis, and we continuously improve our security and privacy programs.
"We are proud of the advancements we have made to our platform, and we have already addressed the issues identified by the FTC. Today's resolution with the FTC is in keeping with our commitment to innovating and enhancing our product as we deliver a secure video communications experience."
Zoom is arguably one of the biggest success stories of the year, reportedly recording a 355% revenue increase in the second quarter of 2020. The figures are even more impressive when considering the number of privacy issues it also had to deal with, such as 'Zoom bombing' where unwanted actors invade meetings.
The service has been used by both remote workers and those stuck at home, to keep in touch with friends and family, but the announcement from Pfizer and BioNTech of a vaccine candidate with a 90% success rate during late-stage trials have suggested Zoom might not enjoy continued success beyond the pandemic.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now