THE REGULATORY MIX AND BLOG ARTICLES

Posted by Amy Gross on 11/9/20 4:51 PM

Today's Regulatory Mix:  FCC to Hold Consumer Protection Webinar, FTC Requires Zoom to Enhance its Security Practices in Settlement

 

virtural showcase shutterstock_1588827322FCC to Hold Consumer Protection Webinar

The FCC’s Consumer and Government Affairs Bureau (CGB), along with its partners, the Better Business Bureau (BBB) and Federal Trade Commission (FTC), announced  they will be hosting a webinar highlighting tips and resources to protect consumers this upcoming holiday season. The webinar will take place on Friday, November 20 starting at 2:00 p.m. EST and can be viewed live at fcc.gov/live.   The free webinar will provide consumer protection information on various topics, including online shopping, avoiding charity scams, and mobile device and public Wi-Fi safety tips.

DOWNLOAD A SAMPLE FCC BRIEFING

 

 

FTC shield-1FTC Requires Zoom to Enhance its Security Practices in Settlement

The FTC today announced a settlement with Zoom Video Communications, Inc. that will require the company to implement a robust information security program to settle allegations that the video conferencing provider engaged in a series of deceptive and unfair practices that undermined the security of its users.

Zoom has agreed to a requirement to establish and implement a comprehensive security program, a prohibition on privacy and security misrepresentations, and other detailed and specific relief to protect its user base, which has skyrocketed from 10 million in December 2019 to 300 million in April 2020 during the COVID-19 pandemic.

In its complaint, the FTC alleged that, since at least 2016, Zoom misled users by touting that it offered “end-to-end, 256-bit encryption” to secure users’ communications, when in fact it provided a lower level of security. End-to-end encryption is a method of securing communications so that only the sender and recipient(s)—and no other person, not even the platform provider—can read the content.

In reality, the FTC alleges, Zoom maintained the cryptographic keys that could allow Zoom to access the content of its customers’ meetings, and secured its Zoom Meetings, in part, with a lower level of encryption than promised.

“During the pandemic, practically everyone—families, schools, social groups, businesses—is using videoconferencing to communicate, making the security of these platforms more critical than ever,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “Zoom’s security practices didn’t line up with its promises, and this action will help to make sure that Zoom meetings and data about Zoom users are protected.”

As part of the proposed comprehensive information security program, Zoom must take specific measures aimed at addressing the problems identified in the complaint. For example, it must:

  • assess and document on an annual basis any potential internal and external security risks and develop ways to safeguard against such risks;
  • implement a vulnerability management program; and
  • deploy safeguards such as multi-factor authentication to protect against unauthorized access to its network; institute data deletion controls; and take steps to prevent the use of known compromised user credentials.

_________________________________________________________

Recent Briefings from Inteserra!

California Increases High Cost Fund-A Surcharge

FCC Announces Effective Date For Revised Rules On Application of ICS Ancillary Service Fees

FCC Announces OMB Approval Of New 911 Rules For MLTS and VoIP Providers 

Pennsylvania Modifies Service Termination Moratorium for COVID-19 Emergency

 

GET COVID-19 STATE REGULATORY ACTION LIST HERE

____________________________

The Regulatory Mix, Inteserra’s blog of telecom related regulatory activities, is a snapshot of PUC, FCC, legislative, and occasionally court issues that our regulatory monitoring team uncovers each day. Depending on their significance, some items may be the subject of an Inteserra Briefing.

 

Learn more about Broadband/Lifeline Subscription Management

Topics: FCC Consumer Protection, FTC Security Practices

Subscribe to our FREE Regulatory Mix and Blogs with Email Alerts.

Recent Posts

Posts by Topic

see all

Posted by Amy Gross on 11/9/20 4:51 PM

Today's Regulatory Mix:  FCC to Hold Consumer Protection Webinar, FTC Requires Zoom to Enhance its Security Practices in Settlement

 

virtural showcase shutterstock_1588827322FCC to Hold Consumer Protection Webinar

The FCC’s Consumer and Government Affairs Bureau (CGB), along with its partners, the Better Business Bureau (BBB) and Federal Trade Commission (FTC), announced  they will be hosting a webinar highlighting tips and resources to protect consumers this upcoming holiday season. The webinar will take place on Friday, November 20 starting at 2:00 p.m. EST and can be viewed live at fcc.gov/live.   The free webinar will provide consumer protection information on various topics, including online shopping, avoiding charity scams, and mobile device and public Wi-Fi safety tips.

DOWNLOAD A SAMPLE FCC BRIEFING

 

 

FTC shield-1FTC Requires Zoom to Enhance its Security Practices in Settlement

The FTC today announced a settlement with Zoom Video Communications, Inc. that will require the company to implement a robust information security program to settle allegations that the video conferencing provider engaged in a series of deceptive and unfair practices that undermined the security of its users.

Zoom has agreed to a requirement to establish and implement a comprehensive security program, a prohibition on privacy and security misrepresentations, and other detailed and specific relief to protect its user base, which has skyrocketed from 10 million in December 2019 to 300 million in April 2020 during the COVID-19 pandemic.

In its complaint, the FTC alleged that, since at least 2016, Zoom misled users by touting that it offered “end-to-end, 256-bit encryption” to secure users’ communications, when in fact it provided a lower level of security. End-to-end encryption is a method of securing communications so that only the sender and recipient(s)—and no other person, not even the platform provider—can read the content.

In reality, the FTC alleges, Zoom maintained the cryptographic keys that could allow Zoom to access the content of its customers’ meetings, and secured its Zoom Meetings, in part, with a lower level of encryption than promised.

“During the pandemic, practically everyone—families, schools, social groups, businesses—is using videoconferencing to communicate, making the security of these platforms more critical than ever,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “Zoom’s security practices didn’t line up with its promises, and this action will help to make sure that Zoom meetings and data about Zoom users are protected.”

As part of the proposed comprehensive information security program, Zoom must take specific measures aimed at addressing the problems identified in the complaint. For example, it must:

  • assess and document on an annual basis any potential internal and external security risks and develop ways to safeguard against such risks;
  • implement a vulnerability management program; and
  • deploy safeguards such as multi-factor authentication to protect against unauthorized access to its network; institute data deletion controls; and take steps to prevent the use of known compromised user credentials.

_________________________________________________________

Recent Briefings from Inteserra!

California Increases High Cost Fund-A Surcharge

FCC Announces Effective Date For Revised Rules On Application of ICS Ancillary Service Fees

FCC Announces OMB Approval Of New 911 Rules For MLTS and VoIP Providers 

Pennsylvania Modifies Service Termination Moratorium for COVID-19 Emergency

 

GET COVID-19 STATE REGULATORY ACTION LIST HERE

____________________________

The Regulatory Mix, Inteserra’s blog of telecom related regulatory activities, is a snapshot of PUC, FCC, legislative, and occasionally court issues that our regulatory monitoring team uncovers each day. Depending on their significance, some items may be the subject of an Inteserra Briefing.

 

Learn more about Broadband/Lifeline Subscription Management

Topics: FCC Consumer Protection, FTC Security Practices

Subscribe to Email Updates

Recent Posts

Posts by Topic