FTC Issues Settlement Requiring Zoom to Implement Robust Information Security Program in Response to Years of Deceptive Security Practices

On November 9, 2020, the Federal Trade Commission (FTC) announced a settlement agreement with Zoom Video Communications, Inc. (Zoom) that arose from allegations that Zoom engaged in a series of deceptive and unfair practices that undermined user security.

The FTC found that Zoom made several representations across its platform regarding the strength of the privacy and security measures used to protect users’ personal information that were untrue and gave users a false sense of security. Specifically, the FTC found that Zoom made multiple statements regarding “end-to-end” and “AES 256-bit” encryption used to secure videoconference communications. However, Zoom did not provide end-to-end encryption for any Zoom meeting conducted outside of Zoom’s “Connecter” product. In addition, Zoom used a lower level of encryption that did not provide the same level of security as “AES 256-bit” encryption. The FTC also found that Zoom stored meeting recordings unencrypted and for a longer period than Zoom claimed in its Security Guide. Finally, Zoom circumvented browser privacy and security safeguards through software updates without notice to users and without establishing replacement safeguards.


FTC Investigation of Twitter for Alleged Privacy Violations Reinforces Need for Strong Privacy Policies and Practices

On August 3, 2020, Twitter disclosed in a regulatory filing that it is under investigation by the Federal Trade Commission (FTC) for allegations that the company used user phone numbers and email addresses for targeted advertising in violation of a 2011 Consent Agreement. Twitter estimates that it could face $150 to $250 million in losses due to legal fees and enforcement penalties resulting from this matter.

The 2011 Consent Agreement resolved charges that Twitter violated the Federal Trade Commission Act (FTC Act) when hackers obtained administrative control of Twitter, allowing them access to non-public user information and private tweets, as well as the ability to send out fake tweets from any user’s account. The FTC found that Twitter’s actions neither upheld statements in its privacy policy, nor provided reasonable and appropriate security to prevent unauthorized access to nonpublic user data and honor the privacy choices of its users.
