Video chat service Zoom will finally add end-to-end encryption to calls placed by customers on the free version of its service, weeks after announcing it will solely be out there to premium customers who shelled out for the privilege.
In April, Zoom faced a shareholder lawsuit alleging that the service boasted it used true end-to-end encryption, which prevents hackers from intercepting the contents of a conversation until they have access to one of the gadgets involved. In reality it used less-secure encryption, which allowed Zoom to watch the content of calls and who was participating in them.
This irritated some individuals in high places, not the least Senators Sherrod Brown and Richard Blumenthal, who chastised the company for shoddy security practices. It didn’t help that a later report indicated that a few of its encryption keys had been generated by servers in China, the place they might theoretically end up within the palms of state authorities. At the same time, Zoom was surging in new customers because of the coronavirus pandemic and had confirmed itself vulnerable to “Zoombombing,” by which trolls hijacked video calls and broadcast gore and sexual imagery.
Zoom introduced it will implement end-to-end encryption in May, however only for customers paying for its $14.99 monthly plan. Then in June, it had to clarify remarks from CEO Eric Yuan that Zoom couldn’t provide the encryption to free tier customers because that may get in the way in which of cooperation with the police and the FBI (the company needed to reassure angry customers that authorities would wish to present a warrant before accessing any information). After two petitions requesting Zoom swap to the upper tier of encryption for all customers gathered 70,000 signatures, the company has lastly caved and can roll out the feature to all customers—no matter whether or not they’re paying.
In a blog post on Wednesday, Yuan wrote that the company had sought the recommendation of “civil liberties organizations, our CISO council, child safety advocates, encryption experts, government representatives, our own users, and others” whereas making its determination. The tradeoff is that all Zoom customers searching for to use the upper level of security will now want confirm their identity with a text message or some other method.
“We are also pleased to share that we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform,” Yuan wrote.
This is far from the only mess Zoom has gotten itself into these days. Over the previous few weeks, it suspended a number of people and organizations for memorializing the Tiananmen Square massacre, together with Hong Kong Alliance chairman Lee Cheuk-Yan and the U.S.-based Humanitarian China. Zoom later claimed it made a mistake by implementing Chinese censorship outside the nation’s borders, however at the same time it reaffirmed its dedication to censoring users within China in accordance with native regulation.