Some facts on Zoom's current plans for E2E encryption, which are complicated by the product requirements for an enterprise conferencing product and some legitimate safety issues.

The E2E design is available here:…
All users (free and paid) have their meeting content encrypted using a per-meeting AES256 key. Content is encrypted by the sending client and decrypted by receiving clients or by Zoom's connector servers to bridge into the PSTN network and other services.
Zoom does not proactively monitor content in meetings and will not in the future. Zoom doesn't record meetings silently. Neither of these will change.

Our goal is to offer an end-to-end encryption solution that provides a stronger guarantee.
Zoom is dealing with some serious safety issues. When people disrupt meetings (sometimes with hate speech, CSAM, exposure to children and other illegal behaviors), that can be reported by the host. Zoom is working with law enforcement on the worst repeat offenders.
Making it possible for hosts to report people disrupting their meetings even under E2EE is solvable. The likely solution will be a content ring-buffer of the last X seconds on the host's system that can be submitted to Zoom for triage and action.
The other safety issue is related to hosts creating meetings that are meant to facilitate really horrible abuse. These hosts mostly come in from VPNs, using throwaway email addresses, create self-service orgs and host a handful of meetings before creating a new identity.
Zoom's Trust and Safety team can, if they have a strong belief that the meeting is abusive, enter the meeting visibly and report it if necessary.
As you see from the E2E design, there is a big focus on authenticating both the people and the devices involved in E2E meetings. If properly implemented, this would prevent Zoom's employees from entering a meeting, even visibly. There will not be a backdoor to allow this.
Zoom's E2EE implementation will need to be opt-in for the foreseeable future. A large portion of Zoom's meetings use features that are fundamentally incompatible with E2EE (PSTN phones, H323/SIP room systems, cloud recordings, cloud transcription, streaming to YouTube, etc).
So we have to design the system to securely allow hosts to opt into an E2E meeting and to carefully communicate the current security guarantees to hosts and attendees. We are looking at ways to upgrade to E2E once a meeting has started, but there will be no downgrades.
So this creates a difficult balancing act for Zoom, which is trying to both improve the privacy guarantees it can provide while reducing the human impact of the abuse of its product.
Lots of companies are facing this balancing act, but as a paid enterprise product that has to offer E2EE as an option due to legitimate product needs, Zoom has a slightly different calculus.
The current decision by Zoom's management is to offer E2EE to the business and enterprise tiers and not to the limited, self-service free tier.

A key point: organizations that are on a business plan but are not paying due to a Zoom offer (like schools) will also have E2EE.
Will this eliminate all abuse? No, but since the vast majority of harm comes from self-service users with fake identities, this will create friction and reduce harm.
This is a hard balance. Zoom has been actively seeking input from civil liberties groups, academics, child safety advocates and law enforcement. Zoom hopes to find a common ground between these equities that does the most good for the most people.
Two more pieces of context from questions:

1) Most of the people I interact with know this, but I've been working with Zoom as a consultant and helped with the E2E design.
2) None of the major players offer E2E by default (Google Meet, Microsoft Teams, Cisco WebEx, BlueJeans). WebEx has an E2E option for enterprise users only, and it requires you to run the PKI and won't work with outsiders.

Any E2E shipping in Zoom will be groundbreaking.
3 of 2) At no time does Zoom turn over encryption keys to LE. The issue here is whether Zoom's own employees can enter spaces they host, which is how all major trust and safety teams operate and which is precluded by good E2E.
Keep Current with Alex Stamos
