Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

FTC Says Zoom Misled Users on Its Security for Meetings

Federal regulators are requiring Zoom to strengthen its security in a proposed settlement of allegations that the video conferencing service misled users about its level of security for meetings.

Federal regulators are requiring Zoom to strengthen its security in a proposed settlement of allegations that the video conferencing service misled users about its level of security for meetings.

The settlement was announced Monday by the Federal Trade Commission. A complaint filed by the agency accused Zoom of deceiving users over security since at least 2016. It said the company held on to cryptographic keys that allowed it to access content from its customers’ meetings, and secured meetings with a lower level of privacy encryption than it promised customers.

The regulators alleged that Zoom “engaged in a series of deceptive and unfair practices that undermined the security of its users.”

Zoom Video Communications Inc., based in San Jose, California, would be required under the settlement to take specific measures, such as establishing a program for resolving privacy vulnerability. Company personnel would be required to review any software updates for security flaws.

The vote was 3-2 to propose the agreement, with the FTC’s two Democratic commissioners, Rohit Chopra and Rebecca Kelly Slaughter, dissenting because it doesn’t require refunds or other redress for affected customers. The proposal will be opened to public comment for 30 days, after which the agency will decide whether to make it final.

Related: Zoom’s Security and Privacy Woes Violated GDPR, Expert Says

Advertisement. Scroll to continue reading.

Related: Zoom Announces Technical Preview of End-to-End Encryption

Related: Zoom Rolls Out 2FA Support for All Accounts

Written By

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.