Zoom will offer end-to-end encryption (E2EE) to all users, after all. The popular video conferencing platform plans to begin early beta of the E2EE feature next month, the company announced on Wednesday.
This announcement comes just a couple of weeks after the company said that it might not enable end-to-end encryption for free users. Zoom was concerned that the app could be used for unlawful activities.
"We plan to provide end-to-end encryption to users for whom we can verify identity, thereby limiting harm to these vulnerable groups," a company spokesperson had said earlier, essentially confirming that only paying users will get it. Since free users sign up with an email address, their identity can't be verified.
Zoom said enabling E2EE for such unverified users would make it difficult for law enforcement agencies to access any potential abusive content.
It faced a storm of criticism for this decision. For a company battling several privacy and security issues, E2EE was a much-needed feature. It is now pledging to provide the feature to all users.
Zoom to offer end-to-end encryption to all users
In a major U-turn, Zoom has announced that it'd enable E2EE for non-paying users as well. The only caveat here is that free users will need to provide some "additional pieces of information" for verification purposes.
This may include a phone number where they can receive verification messages. Paying users will have already entered identification details during their sign-up process.
Further, E2EE on Zoom will be an opt-in feature and will be off by default. The feature will not be compatible with "traditional PSTN phone lines or SIP/H.323 hardware conference room systems."
The company says meeting hosts will have the option to enable or disable E2EE on a per-meeting basis. Corporate administrators will be able to do so for an entire institution or group of users.
"We are grateful to those who have provided their input on our E2EE design, both technical and philosophical," Zoom said in the blog post announcing the updated E2EE draft. The company has released the updated design on GitHub. The feature will be available in beta in July 2020.
All Zoom users will continue to use AES 256 GCM transport encryption as the default encryption, though.
The company upgraded to this encryption standard starting with version 5.0 of the app last month. It also made it mandatory for all users to update to the latest version by May 30 in order to be able to join a meeting.