2 hours ago
3
Popular video conferencing platform Zoom agreed to pay $85M in compensation back in 2021 after it was revealed that the company lied to users about the type of encryption it offered. It has now offered to pay an $18M fine to the Securities & Exchange Commission (SEC) in order to settle an investigation into the same security and privacy issue.
Zoom disclosed the offer in a regulatory filing …
Zoom lied about its video encryption
The issue dates back to 2020. Zoom claimed that video calls using the platform were protected by end-to-end encryption (E2EE), meaning that nobody other than the participants would be able to decrypt video streams.
End-to-end encryption offers three key benefits:
- The company itself cannot view calls made on the platform
- Hackers who gained access to Zoom’s systems would also be unable to view video
- Government agencies granted access by Zoom would be similarly locked out
This is why it is used by many messaging services, including Apple’s iMessage and FaceTime.
However, it turned out that Zoom’s E2EE claim was a lie. Sessions were encrypted, but not using E2EE, so none of the above protections applied. This came to light in 2020, with the company admitting the claim was not true.
Company paid $85M to compensate users
A class action lawsuit was filed against the company for misleading its users, and the case was settled in 2021 for $85M.
The company also made a number of security and privacy improvements to the service in response, but these did not initially include E2EE. The company did subsequently offer the option of using E2EE, though selecting it disables a lengthy list of Zoom features.
Zoom has now offered the SEC $18M
The SEC launched its own investigation into Zoom’s false claims at the time they were revealed, with the company also accused of making misleading claims about usage of the service.
Zoom wants to put the matter behind it, so has offered to pay an $18M fine in order to do so. The SEC hasn’t said whether or not it will accept this offer.
Photo by Yiyang on Unsplash
FTC: We use income earning auto affiliate links. More.
![Security Bite: Mosyle identifies new malware loaders written in unconventional languages [Exclusive]](https://i0.wp.com/9to5mac.com/wp-content/uploads/sites/6/2024/01/Security-Bite-FI-1.png?resize=1200%2C628&quality=82&strip=all&ssl=1)
English (US) ·