Insights
Publications

Zoom & Schools: New Privacy Issues Arise

April 9, 2020 Blog

As school districts increasingly rely on Zoom to facilitate online classes, and in many cases are expressly directing students to download and use the app, it implicates new legal concerns for the company.

State regulators have taken notice of Zoom’s online school activity, and some have expressed concerns about whether Zoom has actually sought or obtained parents’ permission to collect data from minor students, in light of activity ostensibly targeted at minors. Zoom’s school district privacy policy requires a “‘School Subscriber’ – typically a student's school, school district, or teacher—to contractually consent to [Zoom’s] information practices on behalf of such students’ parents.” Both the CCPA and the Children’s Online Privacy Protection Act (15 U.S.C. §§ 6501, et seq.) (“COPPA”) primarily delegate to parents control of the information that is collected from their children online, and therefore generally require express parental consent for any personal data collection from minors.

New York’s attorney general recently sent Zoom a letter, requesting clarification on its security measures, specifically with regard to the increased traffic on its network and the detection of hackers in online classrooms. This implicates concerns for anyone using the app to discuss confidential or private matters. Seemingly as a result of these privacy concerns, some school districts have banned Zoom entirely for classroom use and/or official communications.

Overall, Zoom’s business is thriving as schools implement distance learning due to COVID-19 concerns. However, with its rapid growth, a new host of privacy-related legal issues have arisen, which are likely to develop in interesting ways in the coming weeks.

Firm Highlights

Publication

Employee Data under the CCPA: Expiration of Employer Exemptions Requires Compliance as of January 1, 2023

Since the California Consumer Privacy Act (“CCPA”) was passed in 2018, employers have been watching carefully to see how the law will apply to data collected and maintained about their employees. Up until now, ...

Read More
Publication

What Recent Rulings in 'hiQ v. LinkedIn' and Other Cases Say About the Legality of Data Scraping

LinkedIn obtained a permanent injunction on Dec. 6 in its six-year-old lawsuit against data scraping company hiQ Labs, which LinkedIn quickly cheered as a “final, decisive victory” that established an “important legal precedent.” While...

Read More
Publication

Privacy Policy Best Practices for Nonprofits

Welcome to EO Radio Show – Your Nonprofit Legal Resource . I’m happy to have my colleague Nate Garhart back for a discussion on privacy laws and how they affect website content development and online...

Read More
Publication

California Passes Landmark Privacy Protections for Children With Big Implications for Online Providers

Governor Newsom recently signed into law AB 2273 , the California Age-Appropriate Design Code Act (CA AADCA), making California the first state to pass broad privacy protections for children. The CA AADCA is modeled...

Read More
Publication

Platform Ecosystems: Computer Fraud and Abuse Act and Other Scraping Law Developments (Webinar)

Erik Olson and Stephanie Skaff discuss "Platform Ecosystems: Computer Fraud and Abuse Act and Other Scraping Law Developments." Web scraping has existed as long as the World Wide Web has, and as data has...

Read More
Publication

I Always Feel Like AI Is Watching Me: Artificial Intelligence and Privacy

ChatGPT got the early press, and every day we learn of new generative artificial intelligence products that can create new and creative visual and text responses to human input. Following on ChatGPT’s fame, Google’s...

Read More
Publication

Nonprofit Websites and Terms of Use - Best Practices and Common Pitfalls

Welcome to EO Radio Show – Your Nonprofit Legal Resource . Happy New Year, everyone!  In episode 26, Cynthia Rowland and her guest Nate Garhart discuss websites and terms of use and the legal concepts...

Read More
Publication

California Attorney General Announces Enforcement Sweep of Mobile Applications

Shortly before Privacy Day, California Attorney General (Cal AG) Rob Bonta  announced  a California Consumer Privacy Act (CCPA) enforcement sweep that targeted mobile applications. The sweep focused on popular apps in the retail, travel...

Read More
Publication

Cybersecurity Regulation: Key Takeaways From an Unusual FTC Order That Will Follow CEO for a Decade

The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over...

Read More
Publication

Uber’s Former Chief Security Officer Found Guilty of Obstruction For Coverup of Data Breaches

On October 5, 2022, after a monthlong jury trial, former Uber Chief Information Security Officer Joseph Sullivan was found guilty of obstructing proceedings of the Federal Trade Commission (FTC) and misprision of a felony...

Read More