Zoom Encryption Class Action Lawsuit: Victims Get $15 for False E2E

This lawsuit settlement with Zoom begs the question how much Facebook users should get, given similar false claims of end-to-end encryption.

Zoom misrepresented its end-to-end encryption.

Seems like a redundant sentence, yet still good to see it officially stated.

Strangely, this giant lawsuit excludes any large customers who may have suffered the most egregious violations of trust. Note the “only” exception:

…“registered, used, opened, or downloaded the Zoom Meeting App” between March 30th, 2016, and July 30th, 2021, you can file a claim for $15. However, if you have only used Zoom with an “Enterprise-Level Account” or a government account, you’re excluded from the settlement.


It is not explained. The settlement details are in a PDF Notice.

The key phrase (pardon the pun) for me out of all the court documents is here from page 2 (also a PDF).

Zoom can still access the video and audio content of Zoom meetings.

That’s in fact a very similar problem to Facebook’s false representation (lies) about its implementation of encryption.

Technically Zoom made a different set of mistakes, however, and a court doc like this one all about that kind of distinction and detail.

For example, the court says the plaintiffs are probably right that Facebook and Zoom conspired to violate privacy (after all, Zoom hired the disgraced ex-CSO of Facebook to help drive its Titanic-level errors) but plaintiffs also did not always provide evidence of how they themselves were affected by each flaw.

The Court concludes that one former Plaintiff may have adequately alleged that Zoom shared her personal data through the Facebook SDK. Specifically, former Plaintiff Cynthia Gormezano alleges using Zoom on an iPhone “in March of 2020,” FAC ¶ 52—which is likely
while Zoom’s iOS app still implemented Facebook’s SDK. However, on February 18, 2021, Gormezano voluntarily dismissed her claims against Zoom without prejudice. ECF No. 158. Thus, the question is whether the remaining Plaintiffs adequately allege that Zoom disclosed their device data through Facebook’s SDK.

So Plaintiff Cynthia Gormezano dismissing her “adequate” claims meant an important specific flaw was swept under a rug since others couldn’t continue without her.

Is $15 enough compensation for such a failure of encryption and the exposure to Facebook’s “criminal executives” who failed even more massively at privacy?

Other related posts:

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.