Earlier this year Zoom discovered itself in scorching water over claims that its video conferencing service makes use of end-to-end encryption when it really makes use of transport encryption as a substitute and now the corporate is dealing with a lawsuit from the US nonprofit advocacy group Shopper Watchdog.
The lawsuit, filed in a Washington DC court docket, alleges the corporate falsely informed customers that it presents full encryption which places it in breach of the District of Colombia Shopper Safety Procedures Act (DCCPPA) that prohibits false promoting.
Again in April, The Intercept released a report which revealed that Zoom makes use of transport encryption versus end-to-end encryption. Transport encryption is a Transport Layer Safety (TLS) protocol which secures the connection between a person and the server they’re related to. Nevertheless, the primary distinction between transport encryption and end-to-end encryption is that whereas others will not have the ability to entry your data, Zoom will nonetheless have the ability to.
Consumer Watchdog lawsuit
In its grievance in opposition to the corporate, Shopper Watchdog alleges that Zoom continued to say that its video conferencing software program used end-to-end encryption although it did not on the time, saying:
“Zoom repeated its end-to-end encryption claims all through its web site, in white papers—including in its April 2020 HIPAA Compliance Information—and on the person interface inside the app. Via these representations, Zoom established itself as a secure, safe, and dependable video conferencing platform for customers, and focused sectors that require extremely safe communication techniques. Additional, there is no such thing as a query that buyers—and companies within the healthcare sector—have particularly relied on Zoom’s false end-to-end encryption representations.”
Consumer Watchdog’s lawsuit is asking the DC court docket for an injunction in opposition to Zoom with the intention to stop the corporate from misrepresenting its safety measures. On the similar time, the advocacy group is searching for statutory damages beneath the DCCPPA which permits for fines of as much as $1,500 per violation. Because of this that the entire doable superb levied in opposition to the corporate may add up in a short time relying on the variety of customers that the court docket deems have been impacted within the DC-area.
In Zoom’s protection, the corporate has been working exhausting so as to add end-to-end encryption to its platform and bolster the safety of its video conferencing service. As an illustration, in Could it acquired the safe messaging and file-sharing service Keybase to assist with these efforts.