If encrypted calls between jollas were by default, no caring needed, just make sure they have a jolla before calling (and possibly ask them to not enable developer mode and install anything from open repos, this would be the attack vector)