34 with 31 posters participating
Meta is ever so slowly expanding its trial of end-to-end encryption in a bid to protect users from snoops and law enforcement.
End-to-end encryption, often abbreviated as E2EE, uses strong cryptography to encrypt messages with a key that is unique to each user. Because the key is in the sole possession of each user, E2EE prevents everyone else—including the app maker, ISP or carrier, and three-letter agencies—from reading a message. Meta first rolled out E2EE in 2016 in its WhatsApp and Messenger apps, with the former providing it by default and the latter offering it as an opt-in feature. The company said it expects to make E2EE the default setting in Messenger by sometime next year. The Instagram messenger, meanwhile, doesn’t offer E2EE at all.
Starting this week, the social media behemoth will begin testing a secure online storage feature for Messenger communication. For now, it’s available only to select users who connect using either an iOS or Android device. Users who are selected will have the option of turning it on.
“Secure storage will be the default way to protect the history of your end-to-end encrypted conversations on Messenger, and you’ll have multiple options for restoring your messages if you choose to do so,” Meta said in a post on Thursday. “There will be two end-to-end encrypted options for accessing your backups: either create a PIN or generate a code, both of which you’ll need to save.”
Nebraska issued a subpoena to Meta for use in the prosecution of a 17-year-old who received an abortion. Meta said the subpoena did not mention abortion and that the company was legally compelled to comply. Critics, however, faulted Meta for storing messages in cleartext. Had the company offered E2EE, it would have been impossible for police to read the seized messages.
please stop saying “this desperate person in a frightening situation shouldn’t have been using Facebook” and start saying “every tech company has a moral responsibility to implement end-to-end encryption by default on all messaging services, immediately.”
— Evan Greer (@evan_greer) August 10, 2022
In an email, a Meta spokesman said the expansion wasn’t in response to the Nebraska case.
“We’re starting public tests today and in the coming weeks and wanted to make sure we explained what those are,” he said. “We’ve had this in the works for a while and have been regularly sharing updates on our progress toward default end-to-end encryption for personal messages and chats (Jan 2022 and Aug 2021).”
It’s great that Meta is following through, however incrementally, with the testing of E2EE. A much more secure messaging platform is Signal, which stores practically no unencrypted data belonging to its users. Those who insist on using Meta messaging products should choose either WhatsApp or Messenger, with E2EE turned on in the settings.