Aug 3rd 2021
Zoom settles an $86m class action suit heard before U.S. District Judge Lucy Koh in San Jose, California last week as they join the long line of big tech privacy flouters that were caught with their hand in the advertising dollars cookie jar.
Several media outlet have reported that Zoom settled the case where they were implicated in invading the privacy of millions of users by sharing personal data with Facebook, Google & LinkedIn. They were also accused of failing to prevent hackers from “Zoombombing” (uninvited guests crashing meetings, often with the intention of injecting abusive or obscene material) & misstating it’s offer of end-to-end encryption. With respect to the latter, Zoom was accused of allowing access the video & audio of meetings, rather than just the meeting’s participants raising eavesdropping concerns and possible data collection activities.
ZOOM / FACEBOOK / WHATSAPP COSY CONSPIRACY:
It’s reported that Zoom’s software reported to Facebook whenever a user logged on for a conference call, after which, Zoom gave Facebook the person’s customer info, including what device a person used, the device’s model & unique advertising identifier, allowing companies to target the user with ads.
Of course Zoom has quickly turned on the PR recovery mode and read from the same script as the long line of other big tech transgressors in saying yesterday that “The privacy & security of our users are top priorities for Zoom, and we take seriously the trust our users place in us.”.ZzzZzzz Yawn.. Roughly translated, we got caught this time but we’ll try to hide our tracks better next time round.
Interestingly, 6 months ago I posted on a not too dissimliar case with WhatsApp & Facebook Link to Linkedin Article but surely this time it wont happen again, and again, right?
We have fragmented regulatory governance & generally weak #dataprivacy enforcement globally relative to the scale of abuse. There is still no federal privacy law equivalent to GDPR in the US hence it falls to states & the catch-all FTC act. The US & EU need to be operating from the same privacy playbook and get past the ghosts of safe harbor, privacy shield failures.
California is currently the proxy for federal privacy law, but it’s scope only extends to data from California residents which of course is only 20% of the US population.
In Ireland, it doesn’t help that our Data Protection Commission (DPC) has a weak enforcement history which creates little fear for frequent data privacy scofflaws like Facebook. Remembering that the DPC is the lead authority for many big tech litigation cases in the EU but yet is playing mouse with it’s light touch regulation and parking ticket level fines to a billionaire.
It’s also no small coincidence that advertising $$$ are the engine driving the 21st century assault on privacy & Facebook is one of the biggest data aggregators around. (Oh, what to do with all those monetization opportunities?)
MONEY TALKS CORPORATE PERPS WALK
Of course, the money to fight these cases may arguably be the top inhibitor to change. Like the cigarette companies of old defending their product, modern data big tech corporate defense wolfpacks fight against individual agencies like the California OAG & the Irish DPC which is often akin to the proverbial, bringing a knife to a gunfight when you stack up the financial wherewithal of BigTech. Time to level the playing field and hence its time for a UN style privacy summit to tackle the problem.
Looking for Help with Data Protection?
Check out our Data Protection Officer service (DPOaaS) page
Great Rates | Flexi-Contracts | Veteran Expertise