By Jonathan Stempel
(Reuters) – A U.S. judge dismissed large parts of a lawsuit accusing Zoom Video Communications Inc of violating users’ privacy rights by sharing personal information with Facebook, Google and LinkedIn, and letting malevolent intruders join Zoom meetings in a practice called Zoombombing.
In a Thursday night decision, U.S. District Judge Lucy Koh in San Jose, California, dismissed several claims in the proposed class action including invasion of privacy, negligence, and violations of that state’s consumer and anti-hacking laws. She allowed some contract-based claims to proceed.
The judge said the plaintiffs failed to prove that Zoom shared or sold their data without permission, and at best alleged that the San Jose-based company “disclosed certain other people’s data, not necessarily Plaintiffs’ data.”
She also said Zoom is “mostly” immune under Section 230 of the federal Communications Decency Act, which shields online platforms from liability over user content, for Zoombombing, where outsiders hijack Zoom meetings and display pornography, use racist language, or post other disturbing content.
“Appalling as this content is, Zoom’s failure to edit or block user-generated content is the very activity Congress sought to immunize” under Section 230, which shields online platforms from liability over user content, Koh wrote.
The plaintiffs want Zoom to improve its security practices, and damages for past privacy violations. Koh said they can try to replead the dismissed claims.
Lawyers for the plaintiffs did not immediately respond on Friday to requests for comment. A lawyer for Zoom had no immediate comment.
The company’s share price has more than tripled since the World Health Organization declared a pandemic on March 11, 2020. Zoom stock was at $343.50 per share in midday trading on the Nasdaq on Friday.
The case is In re: Zoom Video Communications Inc Privacy Litigation, U.S. District Court, Northern District of California, No. 20-02155.
(Reporting by Jonathan Stempel in New York)