Earlier this month Zoom announced that it would not be offering end-to-end encryption to its free users.
The reasoning given by the firm’s chief executive officer, Eric Yuan, was that Zoom wanted to be able to assist local law enforcement should a free user “use Zoom for a bad purpose”.
As you might imagine, this didn’t sit well with privacy advocates and cybersecurity experts.
But now Yuan has seemingly changed his mind.
“Today, Zoom released an updated E2EE [end-to-end encryption] design on GitHub. We are also pleased to share that we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform. This will enable us to offer E2EE as an advanced add-on feature for all of our users around the globe – free and paid – while maintaining the ability to prevent and fight abuse on our platform,” wrote the Zoom CEO.
To make this possible Yuan says that free and Basic users will need to verify a phone number via a text message. Account administrators will also be able to enable and disable encryption at an account and group level.
“Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts. We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse,” adds Yuan.
The CEO said that Zoom plans to launch a beta of its encryption in July.
[Source – Zoom]