Faced with continued pressure from the market and privacy groups, Zoom Inc has announced that it will offer end-to-end encryption to paid and unpaid users of its video conferencing service. This is seen as a 180-degree turnaround from the company that had previously taken the position of providing end-to-end encryption only to its paying customers. Non-paying customers had to make do with diluted encryption, usually called transit encryption. The argument from privacy and human rights advocates was that the Zoom model essentially made privacy a premium feature only available to paying customers. It has also been argued that paying customers are more "traceable" and therefore less likely to use the platform for illegal activities. Due to continued pressure on it, Zoom, which had become extremely popular around the world during the pandemic-induced lockdown, has now announced plans to roll out end-to-end encryption for non-paying users (E2EE), also.
Simple process to monitor users
Until now, free Zoom users sign up with an email address, which doesn't provide enough information to verify identity. But now that Zoom has relented, there will be a new process for free users. "Free/Basic users seeking access to E2EE will participate in a unique process that prompts the user to provide additional information, such as verifying a phone number via SMS," Zoom CEO Eric Yuan said in a message. “Many leading companies are taking similar steps when creating accounts to reduce the mass creation of abusive accounts. We are confident that by implementing risk-based authentication, in combination with our current mix of tools, including our Report User feature, we can continue to prevent and combat abuse," Yuan added. The beta version will launch in July, but it is not clear how the implementation would be implemented or when.
Optional function
The registration process is similar to those required by end-to-end messaging services like WhatsApp. Users of each service must prove that they have a valid phone number. This should weed out shady and illegal operators significantly. Strong encryption everywhere helps everyone. At the individual level, end-to-end encryption essentially provides each user with keys that reside only on their devices, where communications are encrypted and then decrypted (encrypted data is typically encrypted a second time as it travels over the wire). Technical experts say that it is almost difficult for anyone (be it the government or malicious hackers) to access human-readable content. In principle, even service providers do not have access to the keys that decrypt the data. This type of protection is a necessity of the hour as more and more sensitive information is transmitted on the Internet. Yuan said that E2EE, once implemented, will be an optional feature. "E2EE will be an optional feature as it limits certain meeting functions such as the ability to include traditional PSTN phone lines or SIP/H.323 hardware conference room systems. Hosts will enable or disable E2EE meeting." Account administrators will be able to enable and disable E2EE at the account and group level. (Via): Zoom.