Zoom launches end-to-end encryption. Should you turn it on?
Image by TheDigitalArtist on Pixabay

Zoom launches end-to-end encryption. Should you turn it on?

Last week, Zoom began rolling out end-to-end encryption across its products, after months of work adding the feature.

Encryption helps protect the communication between you and the other side of your conversation – but when there’s a server involved (like Zoom), it’s the conversation between you and the server, then the server and the person or people on the other side.

Adding end-to-end encryption means that with the new feature, not even Zoom will be able to see your meeting contents.

Things To Consider

Before you rush to turn Zoom’s E2EE on, there are a few things you need to know:

  1. It breaks a lot of Zoom features. According to the company, if you turn on E2EE for a meeting you lose: join before host, cloud recording, streaming, live transcription, Breakout Rooms, polling, 1:1 private chat and meeting reactions.
  2. Everyone has to have an updated version of the Zoom app on their computer or phone to be able to join an E2EE meeting. I imagine there will be a lot of people scrambling to update apps as meetings start.
  3. You can’t call in to an E2EE meeting. Everyone has to use an app. This will impact a lot of people.

There’s also the consideration of metadata. While Zoom might not be able to see what’s going on in your meeting, they’ll still know who’s connected.

Turning on E2EE

If you still want to turn on – or at least try – E2EE, you can by logging into the Zoom website.

Screenshot. It shows the Zoom website menu. Account Management is active, and Account Settings is highlighted.

Log in to the Zoom site on your computer. Click Account Management, then Account Settings.

Screenshot. The top text says "Allow use of end-to-end encryption" then "Choose between enhanced encryption and end-to-end encryption when scheduling or starting a meeting. When using end-to-end encryption, several features (e.g. cloud recording, phone/SIP/H.232 dial-in) will be automatically disabled. Learn more." There is a toggle switch that is on. The bottom part of text says "Default encryption type If the admin locks this setting, users will not be able to change the encryption type for meetings (i.e. scheduled, instant, PMI)." There are two radio buttons. The first says "Enhanced encryption" The second says "End-to-end encryption". The second button is selected.

Scroll to find the “Allow use of end-to-end encryption” area and turn it on.

You might want to switch the next option, “Default encryption type” to “End-to-end encryption” if you always want your meetings to use it.

Screenshot. The title says "Encryption" There are two radio boxes. The first is labeled "Enhanced encryption". The second is labeled "End-to-end encryption". There is a warning box that says "Several features will be automatically disabled when using end-to-end encryption, including cloud recording and phone/SIP/H.323 dial-in. Learn More"

Next time you go to schedule a meeting, you’ll be able to choose between “Enhanced encryption” (what we’ve been using all along) and the new “End-to-end encryption”. Zoom includes a helpful note to remind you of some features that you’ll lose.

A class issue

E2EE is important and I’m glad Zoom has started rolling it out. But there are serious accessibility considerations that need to be made before using Zoom’s.

Just as you want to make sure that your in-person meeting locations are wheelchair-accessible and have gender-neutral bathrooms, your online meetings need to be accessible, too.

Are the people you’re talking with able to update to the latest version of the software? Do they even have smartphones with data plans or WiFi at all, or do they need to call in? Unless absolutely necessary (and in which case you should think about your threat model), don’t exclude people from your meetings.

Contact

info@techforthepeople.org

Misc