Zoom agrees to bolster security following FTC settlement

The company won't have to pay a fine for the time being.

Sponsored Links

ZOOM Video Communications logo displayed on a phone screen, thumbnails of the application, smartphone and keyboard are seen in this multiple exposure illustration. Zoom is an American communications technology company headquartered in San Jose, California. It provides videotelephony and online chat services through a cloud-based peer-to-peer software platform and is used for teleconferencing, telecommuting, distance education, and social relations. Zoom App and communication became very popular during the Covid-19, Coronavirus pandemic quarantine lockdown and social distancing as people started massively distant video telecommunication. Thessaloniki, Greece April 24, 2020 (Photo by Nicolas Economou/NurPhoto via Getty Images)
NurPhoto via Getty Images

Since it exploded in popularity at the start of the coronavirus pandemic, Zoom has promised to address the more glaring security and privacy issues that are a part of its video meeting software. And now the company has a regulatory incentive to do exactly that. As part of a new proposed settlement with the Federal Trade Commission (FTC) over its privacy practices, the company must establish an information security program that will see it share security audits with the agency. Zoom has also agreed to notify the FTC if it goes through a data breach, as well as implement additional security features. 

The main issue the FTC had with Zoom’s practices was that it misled people about its use of end-to-end (E2E) encryption. Since as far back as 2016, the company’s website has said users could secure their Zoom meetings “with end-to-end encryption. In reality, Zoom only recently started rolling out E2E encryption to video meetings. The FTC says the company’s claims gave people a false sense of security. The agency also found problems with ZoomOpener, software the company included in a July 2018 update it pushed to Mac users. ZoomOpener installed a persistent web server on your Mac that could, in certain circumstances, reinstall Zoom on your computer without your permission.     

“Zoom’s security practices didn’t line up with its promises, and this action will help to make sure that Zoom meetings and data about Zoom users are protected,” said Andrew Smith, the director of the FTC’s Bureau of Consumer Protection. 

“We take seriously the trust our users place in us every day, particularly as they rely on us to keep them connected through this unprecedented global crisis, and we continuously improve our security and privacy programs,” a spokesperson for Zoom told Engadget. “We are proud of the advancements we have made to our platform, and we have already addressed the issues identified by the FTC. Today's resolution with the FTC is in keeping with our commitment to innovating and enhancing our product as we deliver a secure video communications experience."

One thing Zoom won’t have to do as part of the settlement is to pay a fine to the federal government, provided it stays out of trouble. If the FTC finds that the company hasn’t been adhering to the agreement, it faces fines of up to $43,280 for each future offense.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget