As Facebook seeks to integrate its four mega apps—Instagram, WhatsApp, Messenger, and Facebook itself—one of the key aspects of that effort will ultimately be adding end-to-end encryption for all of them and allowing them to interoperate. Currently, only WhatsApp has end-to-end encryption by default, and Messenger merely offers it as an opt-in option within each conversation you have. “People’s private communications should be secure,” Facebook CEO Mark Zuckerberg wrote in his March 2019 memo outlining his vision. “End-to-end encryption prevents anyone—including us—from seeing what people share on our services.”
Ever since Zuckerberg presented his plan, it has sparked debate around the world. Now, as the company makes its first moves to weave together its services, here’s what you need to know.
Why it’s controversial
1. It absolves a platform from responsibility: Because Facebook can’t read the communications being sent, it may be relieved of its current burden of content moderation.
2. Governments hate it: Officials complain that end-to-end encryption creates a “safe space” for criminals. In October 2019, the U.S., U.K., and Australian governments demanded that Facebook give them a “backdoor” to access end-to-end encrypted messages if Facebook encrypts all its services.
3. It shields bad behavior: During recent elections in Brazil, Nigeria, and India, WhatsApp enabled the spread of disinformation and misinformation, largely unbeknownst to the public. As this article about the Nigerian election reveals, “the most notorious story circulated on social media was that the president had died while undergoing medical treatment outside of the country, and had been replaced by a clone from Sudan.”
Why it’s attractive to tech companies
1. It makes their services more appealing: Users like the idea of their messages being secure, especially if they don’t have to do anything extra to get the privacy benefit.
2. It reduces transparency obligations: In the second half of 2019, governments around the world made 140,875 data requests of Facebook, and the company cooperated at least partially with 74.4% of them. Without access to messages, the company won’t have to be accountable.
Why it’s not as secure as you think
1. Multiple devices: WhatsApp has tested a feature to allow users to access WhatsApp messages across a user’s devices. Anyone with access to them could potentially access messages.
2. Older messages: Messages backed up to Google Drive and Apple iCloud, for example, are not end-to-end encrypted.
3. Business use: WhatsApp messages between a user and a business are encrypted, but multiple people at a company may read them and are subject to a company’s own privacy policies, not Facebook’s. Facebook takes no responsibility for what happens once a business opens them.