Zoom Video Communications Inc agreed to pay US$85 million and bolster its security practices to settle a lawsuit claiming it violated users’ privacy rights by sharing personal data with Facebook, Google and LinkedIn, and letting hackers disrupt Zoom meetings in a practice called Zoombombing.
A preliminary settlement filed on Saturday (Jul 31) afternoon requires approval by US District Judge Lucy Koh in San Jose, California.
Subscribers in the proposed class action would be eligible for 15 per cent refunds on their core subscriptions or US$25, whichever is larger, while others could receive up to US$15.
Zoom agreed to security measures including alerting users when meeting hosts or other participants use third-party apps in meetings, and to provide specialised training to employees on privacy and data handling.
The San Jose-based company denied wrongdoing in agreeing to settle. It did not immediately respond on Sunday to a request for comment.
Saturday’s settlement came after Koh on Mar 11 let the plaintiffs pursue some contract-based claims.
Though Zoom collected about US$1.3 billion in Zoom Meetings subscriptions from class members, the plaintiffs’ lawyers called the US$85 million settlement reasonable given the litigation risks. They intend to seek up to US$21.25 million for legal fees.
Zoombombing is where outsiders hijack Zoom meetings and display pornography, use racist language or post other disturbing content.
Koh said Zoom was “mostly” immune for Zoombombing under Section 230 of the federal Communications Decency Act, which shields online platforms from liability over user content.
Zoom’s customer base has grown sixfold since the COVID-19 pandemic forced more people to work from home.
The company had 497,000 customers with more than 10 employees in April 2021, up from 81,900 in January 2020. It has said user growth could slow or decline as more people get vaccines and return to work or school in-person.