I wrote last week about how Zoom had decided that it would limit end-to-end encryption (E2EE) to paid accounts, leaving free users without that added layer of protection. The company, understandably, faced some pretty intense criticism over that decision. Now, it appears to have changed its mind and, starting in July, will begin rolling out E2EE for everyone. Well, almost. We'll get to that in a moment.
First, I think it's worth understanding that there are actually different types of encryption here, which serve different purposes. As a result, they affect you and your Zoom meetings differently.
The first is known as AES-256-bit GCM encryption. All Zoom meetings have been encrypted with this advanced form of protection since version 5.0. This encryption protects your video, voice, and content data as it travels from your device, through Zoom's servers, and to other participants. It prevents your information from being intercepted by a hacker.
E2EE is actually really hard for videoconferencing. That's because Zoom (or any video service), has to be able to access the data traveling through its servers in order to perform basic functionality, like the software switching views on the screen, for example. It also affects how Zoom is able to store your videos on its servers.
The other concern is that Zoom is sensitive to the reality that not everyone who uses its service has good intentions. Encryption inevitably complicates the ability for companies to provide information to law enforcement to investigate things like child exploitation.
In a blog post, the company said:
"We are also pleased to share that we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform. This will enable us to offer E2EE as an advanced add-on feature for all of our users around the globe - free and paid - while maintaining the ability to prevent and fight abuse on our platform. "
I reached out to the company, which confirmed to me through a spokesperson that the feature won't cost anything, however, users on a free account will be required to verify their identity. Zoom hopes this will help prevent, or at least minimize, those who might try to use the platform for criminal activity.
"To make this possible, Free/Basic users seeking access to E2EE will participate in a one-time process that will prompt the user for additional pieces of information, such as verifying a phone number via a text message," said the company.
By the way, users will be able to turn the feature on and off on a meeting-by-meeting basis and account administrators can control it for their organization. That's important because using E2EE means that you won't be able to utilize "traditional PSTN phone lines or SIP/H.323 hardware conference room systems."
There is, by the way, another lesson here, which is that Zoom has taken the criticism it has faced seriously. It has made considerable changes in the last three months. Those changes have made the service better, though not always easier to use. That's a big deal considering that Zoom became the default videoconferencing tool for millions of people because it was so simple to set up and use.
The fact that a technology company as big as Zoom has turned its issues into ways to make its product better for customers is a good example for every business. It can be easy to dismiss criticism and stick to your belief that you know better than the customer. We see tech companies do that on a regular basis.
If you're willing to listen, however, you might just hear what your customers want. Even more, you might end up building something that's actually better. When that happens, it's a win for everyone.