After a high-profile incident, Recall Facebook messages lead to criminal charges For a 17-year-old girl whose mother is in miscarriage in Nebraska, Meta said Thursday it will expand end-to-end encryption testing in Messenger ahead of a planned global rollout.
This week, the company will automatically start adding end-to-end encryption in Messenger chats for more people. In the coming weeks, the number of people who can start using end-to-end encryption on Instagram direct messages will also increase.
Meanwhile, the company has begun testing a feature called “Secure Storage” that will allow users to restore chat history when they install Messenger on a new device. Backups can be secured with a PIN, and the feature is designed to prevent the company or anyone else from reading their contents.
The global offering is expected to be completed next year.
he said dead wired They have long planned to make these announcements, and that The fact that they came so soon after the abortion issue came up was a coincidence. However, I am less concerned with the timing than the practical challenges of making encrypted messaging the default choice for hundreds of millions of people. In recent conversations with Meta employees, I’ve come to understand more about what takes time — and how consumer indifference toward crypto has created challenges for the company as it works to create a secure messaging app that its user base will actually use.
It’s now been three years since Mark Zuckerberg, amid a constant shift away from public feeds toward private chats, announced the move forward. The company’s products will include encryption and privacy. At the time, WhatsApp was already end-to-end encrypted; The next step was to provide the same level of protection for Messenger and Instagram. Doing so required rebuilding the apps from almost scratch – and the teams encountered a number of hurdles along the way.
The first is that end-to-end encryption can be difficult to use. This is often the trade-off we make for more security, of course. But ordinary people may be less inclined to use a messaging app that requires them to set a PIN to retrieve old messages, or view information about the security of their messages that they find confusing or inappropriate.
The second related challenge is that most people don’t know what End-to-end encryption he is. Or, if they’ve heard of it, they may not be able to tell it apart from other, less secure forms of encryption. Gmail, among many other platforms, only encrypts messages when a message is transmitted between Google’s servers and your device. This is known as Transport Layer SecurityIt offers good protection for most users, but Google – or law enforcement – can still read the contents of your messages.
Meta user research shows that people get nervous when you tell them you’re adding end-to-end encryption, one employee told me, because it scares them that the company might have been reading their messages before. Users also sometimes assume that new features are being added for the Meta, rather than their own—which is one reason the company has called the stored message feature “Safe Storage,” rather than “Automatic Backups,” to emphasize the security in the brand.
When the company surveyed users earlier this year, I was told that only a minority were identified as being seriously concerned about their privacy.
On Tuesday, I wrote that companies like Meta should consider bypassing end-to-end encryption to make messages disappear by default. An employee told me this week that the company has considered doing this, but using the feature in Messenger so far – where it’s available as an option – has been so low that making it default has generated little enthusiasm internally.
On the contrary, I’m told, accessing old messages is a high priority for many Messenger users. Messing with that amount could send users searching for communications apps like the ones they’re used to — the kind that keep chat history stored on a server, where law enforcement might be able to request and read it.
The third challenge is that end-to-end encryption can be difficult to maintain even within Facebook, I’m told. Messenger is integrated into the product in ways that can break encryption – Watch Together, for example, allows people to message each other While watching a live video. But this introduces a third person into the chat, which makes encryption more difficult.
there is more. Encryption will not work unless everyone is using an updated version of Messenger; Not many people update their apps. It’s also hard to pack the encryption into a sister app like Messenger Lite, which is designed to have a small file size so it can be used by users with old phones or limited data access. The end-to-end encryption technology consumes a large amount of megabytes.
I bring all this up so I don’t excuse Meta for failing to roll out end-to-end encryption so far. The company has been working on the project steadily for three years, and while I was hoping it would move faster, I’m sympathetic to some of the concerns employees have raised with me over the past few days.
At the same time, I think Meta’s challenges in providing encryption to the masses in the messaging app raise real questions about the desire for security in these products. Activists and journalists take it for granted that they should use messaging apps that are already encrypted, and it’s best to use apps that don’t have server-side storage for messages, like Signal.
But Meta research shows that normal folks still haven’t received – well, the message. It’s an open question how the events of 2022, and whatever we are in for the next few years, can change that.
(Staff tell me that Meta’s drive to add encryption has rebounded after the invasion of Ukraine earlier this year, when accounts of Russian military personnel searching prisoners’ phones Draw attention to the dangers of permanently stored and easily accessible messages.)
Despite all the attention the Nebraska case got, it had almost nothing to do with a coup Raw vs. Wade: Nebraska already banned abortion after 20 weeks, and medical abortion at the heart of this case—which occurred at week 28—was illegal under state law even if it was Ro has been adhered to.
Yes, Meta delivered suspect messages when called, but there’s nothing surprising in that, either: The company received 214,777 requests in the second half of last year, about 364,642 different accounts; Produced at least some data 72.8 percent of the time. Facebook’s collaboration with law enforcement is the rule, not the exception.
In another way, this has everything to do with it Ro. Countless women will now seek out-of-state abortion care, possibly violating state law to do so, and will have to communicate about it with their partners, family, and friends. The coming months and years will bring as many stories as the Kansas case, drawing attention each time to how useful tech platforms can be to law enforcement in gathering evidence.
It is likely that the general indifference towards encryption on the part of most Facebook users will weather the coming storm of privacy invasions. But it seems to me that the culture is more likely to shift to requiring companies to collect and store less data, and do a better job of educating people about how to use their products safely.
If there is a positive side to any of this, it is that the increase in criminal prosecutions for abortion could create a huge new constituency organized to defend crypto. From India to me European Union to me United State, legislators and regulators have been undermining secure messaging for many years now. So far, it has been sustained in part thanks to a loose coalition of activists, academics, civil society groups, technology platforms, and journalists: in short, some people who rely on it the most.
but with Ro Having flipped, the number of people for whom encrypted messages are now a necessity has increased significantly. A cultural shift toward encryption can help maintain and expand access to secure messaging, both in the United States and around the world.
This transformation will take time. But there is a lot more tech platforms can do now, and hopefully they will.
“Unapologetic communicator. Wannabe web lover. Friendly travel scholar. Problem solver. Amateur social mediaholic.”