- All Zoom video call meetings will be protected by end-to-end encryption starting in July, including chats between users on free accounts.
- The company had previously announced that only paid customers would get end-to-end encryption.
- Free users who will want to use the feature will need to agree to identity verification, such as verifying a phone number via a text message.
Video chat app Zoom is one of the big winners of the novel coronavirus health crisis. The easy-to-use cross-platform video calling application has seen a surge in user numbers over the past few months, as more people started working or studying from home. But Zoom had to deal with several major security and privacy issues, promising that fixes would be deployed in future releases.
At the same time, Google rebranded its video chat service to Google Meet and added new features. Facebook launched its own Zoom alternative called Messenger Rooms as well.
A few weeks ago, Zoom announced that paying customers will have access to end-to-end encrypted video calls. Meanwhile, free Zoom users would not get the same security upgrade that would make it impossible for anyone to snoop in on their calls. Somewhere along the way, Zoom had a change of heart and announced that everyone will get the same end-to-end encryption, even people who do not pay for a premium Zoom account.
Zoom acquired Keybase a few weeks ago to bolster its video chat encryption security and revealed that paying customers will soon have all their video calls protected by enhanced encryption. Fast-forward to mid-June, and Zoom has now confirmed that free users will also be able to take advantage of the same feature.
Zoom said in an update to its encryption plans that it is “pleased to share that we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform. This will enable us to offer E2EE as an advanced add-on feature for all of our users around the globe – free and paid – while maintaining the ability to prevent and fight abuse on our platform.”
Previously, Zoom CEO Eric Yuan said that Zoom does not monitor meeting content and doesn’t share information with law enforcement “except in circumstances like child sex abuse.”
To offer end-to-end encryption to all users, Zoom will require users to provide some form of verification. “Free/Basic users seeking access to [end-to-end encryption] will participate in a one-time process that will prompt the user for additional pieces of information, such as verifying a phone number via a text message,” Zoom said. “Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts. We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse.”
Recently, Zoom faced new criticism for its ties with China. The company confirmed that it took down accounts belonging to US-based activists at China’s request. Zoom said at the time it would not honor future requests from China. The company’s decision to bring end-to-end encryption to all Zoom users seems to indicate Zoom is serious about user security and privacy. It’s unclear whether the two events are related.
Zoom end-to-end encryption will be available in July, Zoom said, revealing that the feature will be optional, and users will be able to toggle it on and off on a per-meeting basis. Traditional phones joining a conference won’t get the same level of protection, so end-to-end encryption will be disabled in those instances.
FaceTime and WhatsApp both already use end-to-end encryption, if privacy is a priority for you. The former requires an iPhone, iPad, or Mac, and the latter has an eight-user cap, so there are limitations.