Zoom is adding end-to-end encryption (E2EE ) for all users, reversing a decision made just weeks ago to reserve the highest security for paid plans.
Zoom has been in hot water more than once in recent months over its encryption claims and policies. Originally, the company’s marketing led customers to believe it provided E2EE when it did not. Once the company finally rolled out the upgraded encryption, it said it would only be for paid subscribers.
The rationale for the decision was that free plans were more likely to be used for illegal activities, and the company wanted to be able to work with the FBI and local law enforcement. Needless to say, the stand was not a popular one.
It appears the company has changed direction, and charted what it believes will be a compromise solution that will allow it to offer E2EE to free users.
“To make this possible, Free/Basic users seeking access to E2EE will participate in a one-time process that will prompt the user for additional pieces of information, such as verifying a phone number via a text message,” writes CEO Eric S. Yuan. “Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts. We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse.”
The move is measured solution that will likely satisfy most critics.