scorecardresearch
Follow Us:
Wednesday, December 02, 2020

‘False security’: Zoom settles with US FTC, agrees to added scrutiny

As per the terms of the settlement, Zoom will have to “implement a robust information security program to settle allegations that the video conferencing provider engaged in a series of deceptive and unfair practices that undermined the security of its users”.

By: ENS Economic Bureau | New Delhi | November 10, 2020 2:13:28 am
Zoom will also have to obtain “biennial assessments” of the new security programme that it implements by an independent third party, which must be authorised by the FTC.

The Federal Trade Commission (FTC) said Monday it had reached a settlement with Zoom, the US-based video calling software solutions provider which has seen its user base skyrocket from 10 million users in December 2019 to over 300 million by April 2020.

As per the terms of the settlement, Zoom will have to “implement a robust information security program to settle allegations that the video conferencing provider engaged in a series of deceptive and unfair practices that undermined the security of its users”.

Zoom will also have to obtain “biennial assessments” of the new security programme that it implements by an independent third party, which must be authorised by the FTC. If any data is breached at Zoom, the FTC must be informed of the same by the company, the order by the US regulator said.

According to the complaint by FTC, Zoom lied about using a higher ‘end-to-end 256-bit encryption’ which could offer a secure communication option to its users. The company, instead, maintained the “cryptographic keys”, which could allow Zoom the access to its users’ meetings.

“Zoom’s misleading claims gave users a false sense of security, according to the FTC’s complaint, especially for those who used the company’s platform to discuss sensitive topics such as health and financial information,” the FTC said in a release.

The company, the trade commission said, also lied to its users about storing the recorded meetings on a secured cloud storage, when in reality some of the recorded meetings lay unsecured on un-encrypted cloud storage for as many as 60 days before being moved to a secure storage.

📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest Business News, download Indian Express App.

Advertisement
Advertisement
Advertisement
Advertisement