FTC Fails to Address Privacy in Settlement with Zoom

November 9, 2020

The FTC has reached a settlement with Zoom requiring the company to address data security but fails to address user privacy. Writing in dissent, Commissioner Slaughter said, "When companies offer services with serious security and privacy implications for their users, the Commission must make sure that its orders address not only security but also privacy." Commissioner Chopra, also dissenting, wrote "The FTC’s status quo approach to privacy, security, and other data protection law violations is ineffective." In July 2019, EPIC sent a detailed complaint to the FTC citing the flaws with Zoom and warning that the company had "exposed users to the risk of remote surveillance, unwanted video calls, and denial-of-service attack." In April 2020, EPIC wrote to Chairman Simons urging the FTC to open an investigation. EPIC has long advocated for the creation of a U.S. data protection agency.

Support Our Work

EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.