Zoom reaches settlement with the FTC over allegations it misled customers about video-call encryption

Zoom reaches settlement with the FTC over allegations it misled customers about video-call encryption
Zoom founder Eric Yuan speaks before the Nasdaq opening bell ceremony on April 18, 2019 in New York City.Kena Betancur/Getty Images
  • The Federal Trade Commission announced Monday that it had reached a settlement with Zoom over allegations the company misled customers about encryption and "gave users a false sense of security."
  • The FTC sued Zoom earlier this year, accusing the company of misrepresenting the security of its videoconferencing software by claiming to offer "end-to-end, 256-bit encryption."
  • Zoom acknowledged in April that it did not in fact offer that level of security and subsequently committed to roll out end-to-end encryption to all users.
  • As part of the FTC settlement announced Monday, Zoom agreed not to make any misleading security claims in advertising and to continue to ramp up its security practices. There was no financial component to the settlement.

The Federal Trade Commission has reached a settlement with Zoom after it sued the company for "unfair and deceptive security practices," the FTC announced Monday.

Zoom previously claimed in marketing materials that it offered end-to-end encryption for its videoconference software, which would mean only the people participating in a call could access its contents. But when pressed by reporters in March, Zoom admitted that calls were not actually end-to-end encrypted and that Zoom itself could decrypt calls.

The FTC subsequently sued Zoom, alleging in its complaint that Zoom misled consumers by claiming end-to-end encryption. The complaint also accused Zoom of misleading people by failing to disclose a Safari browser plugin that automatically opened Zoom when a meeting link was clicked.
Advertisement
As part of its settlement with the FTC, Zoom agreed to adhere to several security standards, including guaranteeing end-to-end encryption to all users and deploying more safeguards around how user data is stored. Zoom announced in October that it was offering end-to-end encryption to all users .

There is no financial component to the settlement, but Zoom could face a $43,280 fine for each future violation of its agreement with the FTC, the commission's statement said.

"Zoom's security practices didn't line up with its promises, and this action will help to make sure that Zoom meetings and data about Zoom users are protected," Andrew Smith, director of the FTC Bureau of Consumer Protection, said in a statement. "During the pandemic, practically everyone—families, schools, social groups, businesses—is using videoconferencing to communicate, making the security of these platforms more critical than ever."
Advertisement

A Zoom spokesperson said in a statement to Business Insider that the company has already addressed the issues raised in the FTC complaint and will "continuously improve our security and privacy programs."

"Today's resolution with the FTC is in keeping with our commitment to innovating and enhancing our product as we deliver a secure video communications experience," the Zoom spokesperson said.
{{}}