Zoom’s has announced that it plans to offer end-to-end encryption to all its users, and not just those with paid subscriptions. Zoom had initially stated it would develop end-to-end encryption as a premium feature.
A statement from zoom says
Since releasing the draft design of Zoom’s end-to-end encryption (E2EE) on May 22, we have engaged with civil liberties organizations, our CISO council, child safety advocates, encryption experts, government representatives, our own users, and others to gather their feedback on this feature. We have also explored new technologies to enable us to offer E2EE to all tiers of users.
Today, Zoom released an updated E2EE design on GitHub. We are also pleased to share that we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform. This will enable us to offer E2EE as an advanced add-on feature for all of our users around the globe – free and paid – while maintaining the ability to prevent and fight abuse on our platform.
To make this possible, Free/Basic users seeking access to E2EE will participate in a one-time process that will prompt the user for additional pieces of information, such as verifying a phone number via a text message. Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts. We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse.
Zoom has also been facing harsh criticism since the beginning of the COVID-19 pandemic for failing to beef up its security despite huge surges in user growth as Zoom and similar services became virtual hangout tools during lockdowns. In late March, Zoom admitted that while it uses a standard web browser data encryption, it does not use end-to-end encryption. The company has spent the time since improving its security and working on a new encryption solution.