M365 Changelog: End-to-end encryption for Teams calling

MC259495 – Updated December 28, 2021: Microsoft has updated the rollout timeline below. Thank you for your patience.

End-to-end encryption is the encryption of information at its origin and decryption at its intended destination without the ability for intermediate nodes to decrypt. Teams will support an option to use end-to-end encryption (E2EE) for ad hoc 1:1 Teams VoIP calls. To support customer security and compliance requirements, IT will have full control of who can use E2EE in the organization.

This message is associated with Microsoft 365 Roadmap ID 70780

When this will happen:

Microsoft expects to begin rolling this out in early December (previously early November) and expect the rollout to be completed by early January (previously late December).

How this will affect your organization:

  • Admins:
    • A new policy will be added and it will have parameter to enable E2EE for 1-1 calls, default value is OFF so no impact until enabled. Admin can enable E2EE for a set of users or entire tenant.
  • End users:
    • If allowed by admin, the end user will see E2EE option in their settings, by default it will be OFF until switched ON by end user. E2EE calls will only support basic calling features like audio, video, screen share, chat and advanced features like call escalation, transfer, record, merge etc. will not be available.


What you need to do to prepare:

  • E2EE calls first release will only support basic calling features and many advanced features like escalation, call transfer, recording, captions etc. will not be available in E2EE calls, end users will be made aware of all the limitations when they opt-in.
  • E2EE will work only when both caller and call receiver have enabled E2EE
  • Feature will be available on Desktop and Mobile clients only