Zoom makes end-to-end encryption globally available for all users

1 month ago 29

Despite previously stating its meetings were end-to-end encrypted (E2EE)– and quickly walking back on those claims – Zoom has announced E2EE is now available to users globally, free and paid, for meetings with up to 200 participants.

It will be available to users on Zoom desktop client version 5.4.0 for Mac and PC, the Zoom Android app and Zoom Rooms, with the Zoom iOS app pending Apple App Store approval. The video conferencing start-up said that it uses 256-bit AES-GCM encryption, with only the meeting participants having access to encryption keys.

Account admins can enable this E2EE feature in their web dashboard at the account, group, and user level. It can also be locked at the account or group level. This level of encryption can also be toggled on and off by the meeting host, depending on the level of security and level of functionality they would like.

As part of the first phase of the launch, E2EE meeting participants must join from the Zoom desktop client, mobile app, or Zoom Rooms. Over the span of 30 days, the company is looking to receive feedback from users on its performance.

“We’re very proud to bring Zoom’s new end-to-end encryption to Zoom users globally today,” said Zoom CISO Jason Lee.

“This has been a highly requested feature from our customers, and we’re excited to make this a reality. Kudos to our encryption team who joined us from Keybase in May and developed this impressive security feature within just six months.”

Changing stance

Last June, Zoom reversed its decision to make E2EE available, but only for paid accounts. The company’s CEO, Eric Yuan, said in an earnings call in May that it wouldn’t be making it available to free account holders to allow law enforcement to access user information “in case some people use Zoom for a bad purpose”.

Zoom soon after said it would be reversing this decision after working with civil liberties organisations, governments and encryption experts to find a “path forward that balances the legitimate right of all users to privacy and the safety of users on our platform”.

It did, however, say that free or basic Zoom users would need to share additional information, such as verifying a phone number via a text message, in order to “prevent and fight abuse” on the platform.

Earlier this month, Five Eyes – the intelligence sharing group comprising the US, UK, Canada, Australia and New Zealand – was joined by government representatives from India and Japan to say that E2EE poses “significant challenges to public safety, including to highly vulnerable members of our societies like sexually exploited children”.

They called for tech companies to build systems that would allow law enforcement agencies to access E2EE content in a “readable and usable format”.

The post Zoom makes end-to-end encryption globally available for all users appeared first on Silicon Republic.

Read Entire Article