Zoom to pay $85 million to users over lying about end-to-end video call encryption

Zoom has agreed to pay $85 million to settle claims that it lied about offering end-to-end encryption and gave user data to Facebook and Google without the consent of users.

Zoom securityJon Brodkin for Ars Technica:

The settlement between Zoom and the filers of a class-action lawsuit also covers security problems that led to rampant “Zoombombings.”

The proposed settlement would generally give Zoom users $15 or $25 each and was filed Saturday at U.S. District Court for the Northern District of California. It came nine months after Zoom agreed to security improvements and a “prohibition on privacy and security misrepresentations” in a settlement with the Federal Trade Commission, but the FTC settlement didn’t include compensation for users.

As we wrote in November, the FTC said that Zoom claimed it offers end-to-end encryption in its June 2016 and July 2017 HIPAA compliance guides, in a January 2019 white paper, in an April 2017 blog post, and in direct responses to inquiries from customers and potential customers. In reality, “Zoom did not provide end-to-end encryption for any Zoom Meeting that was conducted outside of Zoom’s ‘Connecter’ product (which are hosted on a customer’s own servers), because Zoom’s servers—including some located in China—maintain the cryptographic keys that would allow Zoom to access the content of its customers’ Zoom Meetings,” the FTC said. In real end-to-end encryption, only the users themselves have access to the keys needed to decrypt content.

MacDailyNews Take: Should’ve been more due to Zoom’s egregious deception.

Too bad Apple didn’t have a remote teleconferencing service ready to go long before COVID-19 hit the world. They’ve had the technological knowhow to do a “Good Zoom” for decades now, based on QuickTime, iMessage, and FaceTime, but alas. That’s a big time opportunity squandered, because Apple brass didn’t see the value of remote work until they were forced to open their eyes. — MacDailyNews, September 22, 2020


  1. Too bad those “12 Zoom alternatives for secure video conferencing” MDN references in the Related all suck. Whereas Zoom is easy-to-use, works on all platforms, resource light, and it’s never crashed on me.

  2. I think US Corporations should adopt a version of the Japanese practice of public apology. The CEO’s should have to appear before members of the public, shareholders, victims of their policies, and 1) Apologize, and 2) Listen to people openly criticize them . . . the public apologies should be televised, and would likely get higher ratings than most network TV shows.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.