Zoom Announces End-To-End Encryption Initially Available For Paid Users Only

Zoom is one of those services that gained traction amidst the lockdown attributable to the COVID-19 pandemic. However, besides gaining more userbase, the company also faced a backlash due to security blunders and privacy glitches. After coping up with the chaos, Zoom recently announced its plans for end-to-end encryption. Yet, this will be initially available to the paid users only, that too, conditionally.

Zoom End-to-End Encryption Limitation

Reportedly, Zoom has laid out its plans for rolling out end-to-end encryption to the users. In a detailed white paper made public a couple of weeks ago, they have shared the draft for the E2E encryption.

Though, Zoom, while releasing the white paper,  announced that they have openly shared their E2E plan to welcome discussions and feedback for the final design.

However, in a recent conference call regarding the Zoom’s First Quarter Fiscal Year 2021 Earnings Release, Zoom CEO, Eric Yuan, made a comment about E2E encryption that drew backlash from the cybersecurity community. He said,

Free users, for sure, we don’t want to give that, right? Because we also want to work it together, see if this with FBI, with local law enforcement…

Consequently, this created fury in the online community for the seemingly biased availability of E2E.

What’s The Fact?

However, Alex Stamos, presently an advisor to Zoom, has shared a detailed thread about Zoom end-to-end encryption.

He has made it clear that E2E will be available to both free and paid users. And that Zoom does not necessarily interfere in the meetings unless asked by the hosts, and/or, in case of Zoom notices an abuse of its service.

However, for now, Zoom offers this feature to enterprise clients only, barring free users (except schools).

Though, besides explaining the matter in detail, including all the underlying limitations of blanket E2E encryption, Stamos further wrote in his tweet,

For now, Zoom has not announced anything specific date regarding the launch of end-to-end encryption. Perhaps, we may expect a finer version of E2E in the final design keeping in view all the feedback they receive on the draft.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil