Skip to main content

Zoom Settlement Will Likely Mute Federal Class Action Lawsuit over Data Privacy

Kelly Ruane Melchiondo
Blog ImageAfter months of litigation, Zoom Video Communications has agreed to pay $85 million to settle a proposed class action pending in the United States District Court for the Northern District of California.

The lawsuit alleges that Zoom violated users’ privacy rights by sharing information with Facebook, Google and LinkedIn, and by letting intruders “Zoombomb” meetings.

In March, Judge Koh dismissed several claims from the proposed class against Zoom, including invasion of privacy, negligence, and violation of California’s consumer and anti-hacking laws. In dismissing those claims, Judge Koh said that plaintiffs failed to prove that Zoom shared or sold their data without their permission. Judge Koh also ruled that Section 230 of the Communications Decency Act immunizes Zoom from liability for instances of Zoombombing. In her opinion, Judge Koh wrote, “Appalling as this content is, Zoom’s failure to edit or block user-generated content is the very activity Congress sought to immunize” under Section 230.

Judge Koh’s ruling in March left viable only the plaintiffs’ contract-based claims against Zoom. The proposed class alleged that Zoom breached its promises to customers to adequately protect customers’ private information and secure videoconferences with end-to-end encryption. Judge Koh’s initial rulings in the case had found the allegations sufficient that Zoom had entered into “implied contracts” with its customers, and, under those, Zoom had agreed to take steps to safeguard their customers’ information.

The parties filed a preliminary settlement for Judge Koh’s review over the weekend. If approved, the settlement will apply to any Zoom user who used Zoom from March 30, 2016 to the date of the settlement. The settlement calls for a 15% refund, or $25, whichever is higher, for Zoom users with paid accounts. For users who used the free version of Zoom, Zoom will pay up to $15.

Zoom also agreed to bolster its security measures, including alerting users when meeting hosts or other participants use third-party apps during meetings, and providing Zoom’s own employees with specialized training on privacy and data handling.

Privacy Portal Blog January 18, 2022
Last week, the Federal Communications Commission (“FCC”) circulated internally a Notice of Proposed Rulemaking (“NPRM”) that could significantly change the way telecommunications carriers report data breaches to customers. The most significant changes touch upon the timing of...