Zoom Is Planning for End-to-End Encryption to All Users


Originally, E2EE calls were intended only for Zoom paying customers, but the company has reconsidered after the uproar from the public.

Zoom has backtracked on its decision to limit end-to-end encrypted (E2EE) calls only for paying customers and today announced it would make the feature accessible to all users.

Zoom CEO Eric Yuan said in a blog post today that initial support for E2EE calls would roll out as part of Zoom beta releases in next month, in July 2020.

To avoid abuse, such as child pornography, violent content, and others, Yuan said Zoom is planning to verify all users that allow the feature.

“Free / Basic users seeking access to E2EE will participate in a one-time process to prompt the user for additional pieces of information, such as verifying a phone number through a text message,” Yuan said.

The Zoom CEO said this would help balance the privacy needs of the company’s customers but also combat abuse. Zoom is currently using machine learning algorithms to scan video calls for nudity and signs of child abuse material but has also recently added a function called “Report User.”

Zoom announced support for E2EE calls last month but this month, when it clarified that the feature would only be available for paying customers , the company came under heavy critique. Consumers, security experts, as well as privacy and human rights advocates criticised it.

Support for E2EE calls is part of Zoom’s three-month plan to strengthen the security of the app, which was spectacularly exposed as deficient at the onset of the coronavirus (COVID-19) pandemic at the beginning of the year when most users started to work from home and relied more heavily on solutions such as Zoom for work and family meetings.

The company has also made the E2EE specification available for public review on GitHub as part of Zoom ‘s commitment to enhance protection for the app.

Jennifer Thomas
Jennifer Thomas is the Co-founder and Chief Business Development Officer at Cybers Guards. Prior to that, She was responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services.