
Have you heard of encryption?


What exactly does "encryption" solve about this? It could be encrypted from client to server and the main concerns over privacy would still stand.

What exactly are you suggesting by randomly throwing out the word "encryption"?


Encrypt data prior to entering Zoom's services. That shouldn't affect Zoom's ability to deliver your (now-encrypted) data to your peers. It would affect Zoom's ability to usefully "collect" that data for other purposes though.


The entire selling point of Zoom over a peer-to-peer solution is that it's not peer to peer, but rather every client connects to the server that mediates the connection. It needs to decrypt the stream.

Peer to peer connections would quickly become impossible when you have meetings with more than a handful of people connected. Meetings/Webinars with hundreds of participants would be impossible with P2P technology.

Adding proper videoconferencing hardware would be tough using P2P since all that supports is usually some sort of SIP standard.

Zoom does collect some data by virtue of providing the service - it knows the IP addresses of all clients connecting, it does know all the data you enter when you create an account. It knows the OS that the client runs on. And their privacy policy reflects that.


How are the keys exchanged? At the end of the day Zoom holds the keys. What matters, legally, is their privacy policy. If you don’t trust that then you have no business using a program that brokers encryption keys.


No, key agreement protocols were invented in the 20th century. Two parties can agree a shared secret (such as a key) without an intermediary discovering this secret even though the intermediary knows everything both parties said. We have no mathematical proof that such protocols can exist (they need a trapdoor function and there is no mathematical proof that trapdoor functions are possible), but nevertheless they seem to work fine.

Now, working KEx does leave you still not certain who the other party is: you're now communicating securely with someone but you aren't sure who. That's why the Web PKI exists. But choosing to have Zoom hold all the keys is a choice and not, as you've portrayed it, a necessity; the system could be designed to work just fine without doing that.


How do you tie a phone dial-in client into a Web PKI? Because that’s one of the features that Zoom offers: regional dial-in numbers that you can use with any ordinary phone. And it’s really really useful.


You can tie anything into the Web PKI if that's really what you want to do, but that's beside the point.

The point is that Zoom doesn't need to know these keys. Yes, if there's no assurance that you're really talking to Alice and she's really talking to you Zoom could sit in the middle of some or all conversations - but right now they are in the middle of those conversations.

It doesn't change what is theoretically possible, but it changes the posture - what is easy to do, and why.

If you really don't like the uncertainty of a MITM being possible even if unlikely - you'd need Signal, or something like Signal's protocol which lets you compare your shared secrets to determine if there's really nobody in the middle.
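Added example, not part of the thread or any commenter's code: a Diffie-Hellman key agreement run through a relay, first with the relay only forwarding and logging, then with the relay substituting its own public values, to show why comparing a fingerprint of the shared key over another channel exposes a party in the middle. The group parameters (prime 2**255 - 19, generator 2) are a toy assumption chosen so it runs on the Python standard library alone, and the names `Peer`, `fingerprint`, `honest_relay` and `substituting_relay` are hypothetical; a real system would use X25519 or similar from a vetted library.

```python
import hashlib
import secrets

# Toy group (assumption for this example): prime field 2**255 - 19, generator 2.
# Real deployments use a vetted X25519 (or similar) implementation instead.
P = 2**255 - 19
G = 2

class Peer:
    def __init__(self):
        self._priv = secrets.randbelow(P - 3) + 2    # never leaves the peer
        self.public = pow(G, self._priv, P)          # the only value sent

    def shared_key(self, their_public):
        if not 1 < their_public < P - 1:             # reject degenerate values
            raise ValueError("invalid public value")
        secret = pow(their_public, self._priv, P)
        return hashlib.sha256(secret.to_bytes(32, "big")).digest()

def fingerprint(key):
    """Short string two people read to each other over another channel."""
    return hashlib.sha256(b"fingerprint" + key).hexdigest()[:12]

def honest_relay(alice, bob):
    """Relay forwards public values untouched and logs everything it sees."""
    transcript = [alice.public, bob.public]
    return alice.shared_key(bob.public), bob.shared_key(alice.public), transcript

def substituting_relay(alice, bob):
    """Relay swaps in its own public values, so each side keys with the relay."""
    to_alice, to_bob = Peer(), Peer()
    k_alice = alice.shared_key(to_alice.public)
    k_bob = bob.shared_key(to_bob.public)
    relay_keys = (to_alice.shared_key(alice.public), to_bob.shared_key(bob.public))
    return k_alice, k_bob, relay_keys

def run_demo():
    alice, bob = Peer(), Peer()
    ka, kb, seen = honest_relay(alice, bob)
    ma, mb, relay_keys = substituting_relay(alice, bob)
    return {
        "honest_match": fingerprint(ka) == fingerprint(kb),
        "relay_saw_only_publics": seen == [alice.public, bob.public],
        "mitm_detected": fingerprint(ma) != fingerprint(mb),
        "relay_reads_both": relay_keys == (ma, mb),
    }

if __name__ == "__main__":
    print(run_demo())
```

In the forwarding case both fingerprints agree and the relay's log holds only the two public values; in the substitution case the relay holds both session keys, and the mismatch between the two fingerprints is the only signal either peer gets.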




