Insights
Publications

Zoom Successfully Addresses New York’s Privacy and Security Concerns

May 29, 2020 Blog

A few weeks ago on this blog, we addressed some of the legal issues that have arisen for Zoom, as it becomes a significant part of American daily life during the COVID-19 pandemic. 

Among those legal issues was an inquiry by the New York State Attorney General into Zoom’s privacy practices, and particularly into its measures to detect and prevent hackers or other outside parties attempting to observe or interfere with online meetings. In several incidents, the third parties interrupted meetings with disturbing messages or images. In fact, two other states – Connecticut and Florida - joined the New York probe after state government officials fell victim to “zoombombing.” Based on perceived security flaws, on April 6, 2020, the New York City Department of Education implemented a ban on public schools’ use of Zoom for classes and educational purposes. 

These problems inspired Zoom to implement a 90-day plan to expand security measures on its platform. It established a special version of its platform that is licensed by the New York City Department of Education. That version allows teachers to control what is shared and who participates in online class sessions, and prevents students from chatting privately with their classmates outside their teachers’ view. As a result of these, and other expanded security measures, on May 6, 2020 the New York City Department of Education lifted its ban on schools’ use of Zoom.

Around the same time, the company reached an agreement with the New York Attorney General’s office, which further expanded protections for those using the platform, even outside an educational context. Specifically, Zoom agreed to increase hosts’ ability to control their web conferences by allowing them to do the following:

  • implement password protection (by default), or place users in a digital waiting room before accessing a meeting;
  • control access to private messages sent via Zoom chat;
  • control which, if any, participants can share screens; and
  • limit access to email domains in a Zoom directory, or limit participation to specific email domains.

Zoom also agreed to take steps to stop sharing user data with Facebook, and to disable a feature which shared LinkedIn profiles with users. Many of the agreed-upon measures have already been implemented by Zoom, which has agreed to submit a copy of its annual data security assessment to the New York Attorney General’s office for review.

Zoom’s quick response to New York’s privacy and security concerns appears, thus far, to have helped it continue its forward momentum.

Firm Highlights

Publication

Twists in the Plot: California AG Releases Final CCPA Regulations

With a little time to consider the  finalized California Consumer Privacy Act regulations  released by the California Attorney General on August 14, 2020, it is clear that some last-minute negotiations (or perhaps just some...

Read More
Publication

A Roadmap to Litigating Privacy Claims? A Look at a Recent Order From the Google Assistant Privacy Litigation

As privacy-related litigation continues to heat up, Judge Beth Freeman (ND Cal.) recently laid out in In re Google Assistant Privacy Litigation (Case No. 19-cv-04286) [1] a potential roadmap for surviving or winning a...

Read More
Publication

How Antitrust and Unfair Competition Laws Affect Platform Providers’ Relationships With ISVs, API Developers, and Scrapers

A wide variety of business and consumer platforms host mutually beneficial ecosystems. But these ecosystems are also fraught with antitrust risk that arises when platforms try to terminate or modify the terms of third-party...

Read More
News

Prop. 24 Passes: What Companies Need To Know About the New Privacy Law

Nate Garhart spoke to the San Francisco Business Times on the steps companies can take to prepare for the California Privacy Rights Act (CPRA). He noted that if the CPRA applies to your business, then...

Read More
Publication

Privacy During Bankruptcy Proceedings: Why It Matters

During these particularly trying times resulting from the COVID-19 pandemic, businesses of all sizes have been concerned about the future. As a result, considering potential liquidation or restructuring through bankruptcy is inevitably starting to...

Read More
Publication

Reopening Businesses Must Consider Employee and Consumer Privacy

While we’re far from returning to the “normal” that predated the COVID-19 pandemic, states have begun to relax lockdown requirements and some previously “nonessential” businesses are returning to operations. Along with these openings, governmental...

Read More
Publication

Proposition 24: California’s Ever-Evolving Privacy Landscape

Next Tuesday is election day, and this year, California voters are deciding whether to support another statewide privacy initiative – the California Privacy Rights Act (CPRA) (Proposition 24).  This measure would expand on the...

Read More
Publication

Reopening Plans and Recommended Protocols Beg New Privacy Issues

While far from getting us back to any kind of normal that predated the COVID-19 pandemic, states have begun to relax lockdown requirements and some previously closed “nonessential” businesses are returning to operations. With...

Read More
Publication

Three Steps Licensees Can Take to Protect Their IP Rights in Bankruptcy

During periods of widespread economic disruption such as the present, operating businesses must be able to identify and respond to threats to the financial health of their contracting counterparts in order to protect key...

Read More
Publication

Electric Fence: Protecting Proprietary Rights in Collected Energy Data

Like companies in other industries, a growing number of modern energy-related companies are focusing their efforts on data collection and analysis. For example, Enphase – an energy technology company – regularly tracks data about how...

Read More