As the COVID-19 crisis continues, many companies throughout the country have arranged for significant portions of their workforce to work from home. A natural part of that arrangement is conducting videoconferences. With employees working at home in isolation, many seek opportunities to connect with others through a visual medium. Thus, companies are using videoconferencing to conduct business meetings. In other circumstances, employees are using it simply to connect visually with co-workers to catch up on work and life in general. Companies must, however, devote attention to a variety of privacy-related concerns when relying on this technology (as well as other related technologies) that enable expanded work from home opportunities. Recently, we created a work-from-home checklist including a number of relevant privacy issues.
When discussing video conferencing today, there are many options including Google Hangouts, Skype, and WebEx. However, it appears the option gaining the most popularity is Zoom Video Communications.
Last week, a class action lawsuit was commenced in a California federal court against Zoom alleging under the California Consumer Privacy Act and related laws, that it failed to properly safeguard the personal information of its users.
According to the complaint, “upon installing or upon each opening of the Zoom App, Zoom collects the personal information of its users and discloses, without adequate notice or authorization, this personal information to third parties…invading the privacy of millions of users.” The complaint describes that the Zoom app notifies third-party social media app users “when the user opens the app, details on the user’s device such as the model, the time zone and city they are connecting from, which phone carrier they are using, and a unique advertiser identifier created by the user’s device which companies can use to target a user with advertisements.”
The proposed class includes “all persons and businesses in the United States” whose personal information was collected or disclosed to a third party “upon installation or opening” of the Zoom app.”
The complaint acknowledges that on March 27, 2020, Zoom released a new version of the app that purports to no longer send unauthorized personal information of its users to Facebook.
According to a March 27 blog post, Zoom CEO Eric Yuan stated that, “Zoom takes its users’ privacy extremely seriously” and described changes Zoom was making to its software that would take effect when users update to the latest version.
Considering the lightning speed with which this case was brought, companies everywhere should take this opportunity to review its procedures and best practices regarding video conferencing platforms and other technologies in place supporting work from home arrangements. Not only could you avoid a class action lawsuit, but you will also be taking steps to protect the company’s proprietary information as well as any personal identifying information of its employees and customers that you maintain.