FOLLOW US

The Federal Trade Commission (FTC) announced the final approval of its settlement with Zoom Video Communications (NASDAQ: ZM) over allegations that the company misled consumers regarding its data security practices.

Zoom is a video conferencing platform. It is one of the tech companies that benefitted from the COVID-19 pandemic. To prevent the spread of the disease, many businesses were forced to allow their employees to work from home. Educational institutions to implement online learning.

FTC's allegations against Zoom

In November, the FTC sued Zoom for allegedly engaging in deceptive and unfair practices related to its data security and privacy for consumers. The company claimed that its video conferencing platform is integrated with “end-to-end AES 256 bit encryption.”

The Commission alleged that Zoom lied to users about the level of its encryption. In fact, it is using a lower level of encryption" to secure meetings on its platform. It was not securing users’ data using AES-256 bit encryption. Instead, it was using AES 128-bit encryption in Electronic Code Book (ECB).

Zoom agreed to settle FTC's lawsuit. Under the proposed settlement, the company agreed to establish and implement a comprehensive security program to address the allegations against it.

On Tuesday, the FTC said it received 12 comments on its proposed settlement with Zoom. Its Commissioners voted 3-2 on January 19 to finalize the settlement and to send responses to the commenters.

Aside from implementing a comprehensive security program, the Commission's final order requires Zoom to review any software updates for security flaws. It requires the company to ensure the updates will not hamper third-party security features.

In addition, the final order requires Zoom to obtain assessments of its security program by an independent party every other year.

Furthermore, the company must notify the FTC if a data breach occurs in its video conferencing platform.

Statements regarding FTC's final order

In a statement, Commissioner Christine Wilson said the FTC's proposed final order "provides  immediate, strong relief to consumers."

She added that it "will enable the Commission to seek significant penalties for non-compliance and provides critical, and timely relief."

Acting FTC Acting Chairwoman Rebecca Kelly Slaughter and Commissioner Rohit Chopra released a dissenting statement regarding the order.

In her statement, Slaughter said the final order "did not do enough to ensure that consumers can trust this now-ubiquitous videoconferencing tool with their private conversations."