If anyone has benefited from the COVID-19 pandemic, it's Zoom.
The virtual meeting platform became a household name within months and a critical resource for students, remote employees, and anyone looking to connect with loved ones.
But according to a new lawsuit between Zoom and Consumer Watchdog, the company hasn't been completely honest about its service.
Benjamin Powell, Staff Attorney with Consumer Watchdog, calls it "false promises."
The non-profit consumer advocacy group just announced that it is suing Zoom Video Communications, Inc. for violating the District of Columbia Consumer Protection Procedures Act (DCCPPA), which prohibits unlawful trade practices and false advertising.
What did Zoom allegedly lie about? End-to-end encryption.
"Zoom repeated its promises of 'end-to-end encryption' throughout its website, on the user interface within its app and in published security 'white papers'—including an April 2020 guide promoting Zoom as a way for medical professionals to transmit sensitive patient information.
The lawsuit alleges, however, that these promises of security are false, and that Zoom has always been capable of intercepting and accessing any and all data transmitted on its platform—the very opposite of 'end-to-end encryption.'"
Amid Zoom's rapid increase in popularity, its relationship with data privacy has been repeatedly questioned. From its controversial relationship with police access surrounding Black Lives Matter protests, to its cooperation with China, many have wondered about how the company values security.
The lawsuit also claims that Zoom made its users more vulnerable to cyberattacks.
"Given that individuals and companies use Zoom to discuss and share confidential trade secrets, it is particularly troubling that Forbes recently reported that some Zoom conversations were being routed through servers in China—a country whose government is often accused of trade secret theft."
Powell emphasized that these consequences are especially dire in one of the fields we need most right now: the healthcare industry.
"Clients in the medical field, for example, were assured by Zoom that its platform was secure enough to transmit confidential medical information between physician and client. That just isn’t the case."
The lawsuit is seeking financial damages in accordance with the DCCPPA. Here's how that could pan out:
"The DCCPPA provides for statutory damages in the amount of $1,500 per violation. Consumer Watchdog estimates that there are tens of thousands of Zoom users in Washington, D.C."