Zoom Decides to Make End-to-End Encryption Available to Everyone

Last updated June 28, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

Since Zoom announced its plans to introduce end-to-end encryption (E2EE) on its clients’ teleconferencing solution, they were met with vocal objections from privacy advocates and organizations. The problem was that the software was looking to make an additional profit from this added feature, offering E2EE only for the users who were paying for a Zoom account. The freeloaders would only get AES 256-bit GCM encryption, which was an improvement over the preceding situation, but not good enough by today’s standards. A week ago, Mozilla and the EFF (Electronic Frontier Foundation), co-signed a letter that was backed by 20,000 internet users, urging Zoom to reconsider its position on this matter, and not condemn free users to rely on lower-grade security.

Simply put, Zoom is so big now that it holds a social responsibility it has to live up to. A large number of people are using Zoom to organize protests on human rights, meetings, and actions that law enforcement has recently tried to monitor, control, and even bash. Some of these people may not be in a position to afford a paid account on the Zoom platform, so degrading their security and privacy would be a discriminatory move.

Zoom has realized all that and decided to change its stance, making end-to-end encryption available for the entire userbase, covering both paying members and free accounts. As they mention, the technical and also philosophical feedback they gathered since they made their E2EE plans publicly known was pivotal in taking this decision, and so they have updated the associated whitepaper (version 2) now on GitHub. For this to work without any risks of abuse, Free/Basic accounts will have to verify their phone numbers via SMS.

As for when the E2EE is planned for landing, that would be sometime in July 2020. Until then, the Zoom userbase will continue to use the GCM encryption system, which will remain the default option. The end-to-end encryption system will be optional, activated by the meeting creator, or an accounts group administrator.

EFF welcomed this news with victorious titles, highlighting the fact that when people come together and demand a change in direction, good things happen. Still, as the EFF feels that this should only be a powerful example, as other widely-used tools in the field are not following the same approach. And this is precisely where Zoom may have seen a market opportunity after all, as free E2EE is a compelling factor for users to consider.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: