Zoom backtracks, says end-to-end encryption will be able to all users

Credit: Zoom

After a series of privacy and security blunders, Zoom promised strong encryption and protections for users. But initially, end-to-end encryption was only planned for paid users in an effort to combat abuse.

After consulting with encryption experts, civil liberties groups, child safety advocates and government officials, however, Zoom announced that all users of its video conferencing tool will be able to enable end-to-end encryption.

The backtrack follows a pair of letters that were penned to the company by digital rights groups, such as the Mozilla Foundation, and tens of thousands of concerned users.

"Since releasing the draft design of Zoom's end-to-end encryption (E2EE) on May 22, we have engaged with civil liberties organizations, our CISO council, child safety advocates, encryption experts, government representatives, our own users, and others to gather their feedback on this feature," Zoom CEO Eric Yuan said.

Originally, Zoom says it nixed encryption for free users to comply with law enforcement and curb the creation of abusive accounts. Now, however, the company said it will explore "new technologies" to enable it for everyone. Free users, for example, will need to verify themselves by inputting a phone number in the signup process. Zoom says that'll keep bad actors from creating multiple accounts.

The video conferencing company also released an updated end-to-end encryption design on Github.

Zoom has had a number of privacy and security gaffes in the wake of its boom in popularity due to coronavirus, including a phenomenon known as "Zoombombing" and several security vulnerabilities. The company also caught flack for making misleading statements about its encryption offerings.

End-to-end encryption on Zoom will launch as an optional feature in early beta in July.