Zoom will offer end-to-end encryption to all its users, paid and free, around the globe as an advanced add-on, the company announced on June 17. The company will introduce an early beta version of end-to-end encryption in July 2020. The company has released the second version of its white paper on end-to-end encryption for public feedback. Zoom had released the first white paper for consultation on May 22. This announcement comes a fortnight after CEO Eric Yuan faced significant flack for saying that end-to-end encryption would only be available for Business and Enterprise users during Zoom's earnings call. He had then said that the security feature would not be available to free users "[b]ecause we also want to work it together, see if this with FBI, with local law enforcement, in case some people they use Zoom for the better purpose". Even then, it was not clear if Pro users, that is users on the cheapest paid plan, would be offered end-to-end encryption. How will this work? End-to-end encryption will be an optional feature. The default will be the "enhanced encryption" via AES 256 GCM encryption that Zoom started offering from May 30, that is, communication will be encrypted from sending client to Zoom server and from Zoom server to the receiving client; thus, Zoom will have access to the content of communication. If end-to-end encryption is enabled, the decryption will only happen on the device of the receiving client, thus making the communication opaque to Zoom servers. Thus, if…
