Zoom Video Communications Inc has agreed to pay $85 million and improve its security practices to settle a users’ privacy lawsuit against it, a preliminary settlement filed on Saturday.
The plaintiffs claimed Zoom violated privacy rights by sharing personal data with Facebook, Google and LinkedIn, and let hackers disrupt Zoom meetings in a practice called “Zoombombing”.
Subscribers in the proposed class action would be eligible for 15% refunds on their core subscriptions or $25, whichever is larger, while others could receive up to $15.
The security measures Zoom agreed to include alerting users when meeting hosts or other participants use third-party apps in meetings. The app will also provide specialized training to employees on privacy and data handling.
The San Jose-based company denied wrongdoing in agreeing to settle.
“The privacy and security of our users are top priorities for Zoom, and we take seriously the trust our users place in us,” Zoom said in a statement on Sunday.
The settlement still requires approval by U.S. District Judge Lucy Koh in San Jose, California Koh on March 11 let the plaintiffs pursue some contract-based claims.
The company collected about $1.3 billion in Zoom Meetings subscriptions from class members. Still, the plaintiffs’ lawyers called the $85 million settlement reasonable given the litigation risks.
They intend to seek up to $21.25 million for legal fees.
Zoombombing is where outsiders hijack Zoom meetings and display pornography, use racist language or post other disturbing content.
Koh said Zoom was “mostly” immune for Zoombombing under Section 230 of the federal Communications Decency Act, which shields online platforms from liability over user content.
Zoom’s customer base has grown sixfold since the COVID-19 pandemic forced more people to work from home.
In April 2021, Zoom had 497,000 customers with more than ten employees up from 81,900 in January 2020.
Zoom said user growth could slow or decline as more people get vaccines and return to work or school in-person.