Facebook just made some big privacy promises, and they all hinge on encryption
Tech solutions are important, but so are a company's policies.
You’ve likely heard the term “end-to-end encryption” a lot recently. That’s because earlier this week, Mark Zuckerberg outlined what he sees for the future of Facebook, and one of its tenets is that the messaging services under the big blue Facebook umbrella—WhatsApp, Messenger, and direct messages on Instagram—will all have end-to-end encryption. Not only that, these messaging platforms will have what Zuckerberg describes as “interoperability”—meaning that presumably in the future, you could send a message from your WhatsApp account to a Facebook contact who would receive it on Messenger.
The greater context here is that Zuckerberg is emphasizing that he thinks secure—and sometimes disappearing—messages (compared to the semi-public broadcasts of the posts on your newsfeed) are going to become more fundamental than ever before. Here’s what to know about the pros and cons of Facebook’s new path and what it means for your future messages.
Encryption is good
If you value privacy, encryption is essential. The feature means that if someone—a government, a bad actor, even the company itself delivering the message—were to intercept the note along the way, the contents would be unreadable.
When you hear “end-to-end encryption,” know that the sender and receiver are each an “end” and everything in between is in code. Imagine speaking with a friend on an old-school landline, and a relative picks up—if that call were encrypted, all the eavesdropper would hear would be nonsense.
“End-to-end encryption is a secure messaging fundamental—it is absolutely a win for user privacy,” says Gennie Gebhart, the associate director of research at the Electronic Frontier Foundation (EFF). “It is great to see Facebook embracing that fundamental.”
But stay tuned for important caveats—this is Facebook, after all, a company’s whose business model relies on learning things about its users and then serving them targeted advertisements. If Facebook can’t read your messages, that’s one less avenue it might have to learn about you. Although on that topic, Zuckerberg told Wired’s Nicholas Thompson: “[W]e aren’t really using the content of messages to target ads today anyway.”
As for encryption itself, the exciting thing about it is that it is essentially impossible to break. That’s because messaging apps use a secret key to make the encryption possible. “To the best of our knowledge, as cryptographers, the amount of time it would take to decrypt those messages without knowing the key is hideously large,” says Bryan Parno, an associate professor of electrical and computer engineering at Carnegie Mellon University. He says the number of mathematical operations it would hypothetically take are in this same ballpark as the “number of atoms in the universe.”
So trying to break the encryption without the key won’t work. “Using the best techniques we know of today, it is so improbable that nobody is going to attack a system that way,” Parno adds.
But nothing is ever simple in the realm of privacy, security, apps run by companies, and human behavior.
All the caveats
Besides WhatsApp, other apps already offer end-to-end encryption, notably iMessage and Signal, which also encrypts your calls. Keep in mind that SMS text message are not secure.
But message encryption isn’t a perfect solution. One problem is the metadata associated with a coded message. An encrypted note has its contents obscured, but other useful information is not, points out Gebhart, of the EFF.
“What remains exposed with end-to-end encryption is everything but the message itself,” she notes. That can include details like who is sending and receiving it, and when it was sent.
That might not sound like a big deal, but Gebhart says the metadata can be still be revealing. Imagine that a government agency notices that an employee messaged a reporter—even if they don’t know what they said, the fact that they made the exchange and the timing of it could still get them in trouble. (In his blog post, Zuckerberg wrote that he thought it made “sense to limit the amount of time we store messaging metadata.”)
Another problem arises when information is backed up. Imagine you’re using WhatsApp on an iPhone, and do a routine backup to iCloud. That backup is still accessible by Apple, according to the EFF, which is another way someone could still view what you wrote. And anyone with access your phone, or the phone of the person you’re messaging with, could still view the conversation, of course.
Encryption is a foundation for privacy and security, but Gebhart says how Facebook actually implements these changes really matters. “Facebook is going to be making that decision for the largest messengers on Earth,” she says. “It’s a little terrifying, honestly, to have these decisions being made by an entity that does not have a good track record for meeting user expectations and handling their information in a responsible way.”
For example, as TechCrunch recently explained, if you added a phone number to your account for two-factor identification, your digits could be used to find you on the network. And remember, your phone number is also associated with your WhatsApp account.
Any changes that combine accounts should also be opt-in, Gebhart says. Someone may understandably want to keep WhatsApp (perhaps they use it professionally) separate from Messenger (representing their Facebook friends). In his blog post, Zuckerberg said it would indeed be optional.
Ultimately, it’s important to remember Facebook’s track record. “The really cynical view is that Mark Zuckerberg’s announcement is just his latest and most elaborate and detailed apology,” Gebhart says. The proof will be in how this mission is executed and what the company’s policies are.
“I could never really get on board with a tool, even one that made perfect technical choices,” she adds, “unless it were maintained and developed by a trustworthy group with a history of responsible stewardship.”