Despite ongoing concerns about the proposal among various authorities, Facebook is pushing ahead with its plan to implement full end-to-end encryption by default within all of its messaging tools.
Within an overview of a recent virtual workshop Facebook held with experts in privacy, safety, human rights and consumer protection, the company noted that:
“We’re working hard to bring default end-to-end encryption to all of our messaging services. This will protect people’s private messages and mean only the sender and recipient, not even us, can access their messages. While we expect to make more progress on default end-to-end encryption for Messenger and Instagram Direct this year, it’s a long-term project and we won’t be fully end-to-end encrypted until sometime in 2022 at the earliest.”
The news of Facebook’s continued work on this front will please privacy advocates – but as noted, various authorities have raised significant concerns with the plan, with respect to how such a process could be used to hide criminal activity, with no way for authorities to track such exchanges.
Which maybe they shouldn’t have – but then again…
Facebook first announced its messaging encryption plan in March 2019, as part of a move towards facilitating more data transfer options via its messaging tools.
As explained by Facebook CEO Mark Zuckerberg:
“End-to-end encryption is an important tool in developing a privacy-focused social network. Encryption is decentralizing – it limits services like ours from seeing the content flowing through them and makes it much harder for anyone else to access your information. This is why encryption is an increasingly important part of our online lives, from banking to healthcare services.”
So the focus of the project, at least initially, seemed to be on expanding the use of messaging in new ways, like funds transfers and eCommerce, which aligns with Facebook’s broader efforts to make its messaging tools the key connector in regions like India and Indonesia, where digital adoption is on the rise.
But immediately, various organizations sounded the alarm, noting that full encryption would make Facebook’s tools a safe haven for criminal activity.
In October 2019, representatives from the US, UK and Australia co-signed an open letter to Facebook which called on the company to abandon its end-to-end encryption plans, arguing that it would:
“…put our citizens and societies at risk by severely eroding capacity to detect and respond to illegal content and activity, such as child sexual exploitation and abuse, terrorism, and foreign adversaries’ attempts to undermine democratic values and institutions, preventing the prosecution of offenders and safeguarding of victims.”
The Governments of each region called for Facebook to provide, at the least, ‘backdoor access’ for official investigations, which Facebook has refused.
The debate over the proposal has raged on ever since, with the UK’s digital minister recently warning that he has “very grave concerns” about Facebook’s plan, while the National Society for the Prevention of Cruelty to Children has argued that move sees the tech giant prioritizing the privacy of adults over their duty of care to children.
As per NSPCC chief executive Peter Wanless:
“Private messaging is at the front line of child sexual abuse, but the current debate around end-to-end encryption risks leaving children unprotected where there is most harm.”
That’s the most compelling, and important argument against the move at present. By providing full encryption across all of its messaging apps, Facebook would essentially hide all communications by predators and those who would seek to use such systems for child exploitation, which could then lead to an expansion of such activity.
Of course, WhatsApp messages are already end-to-end encrypted by default, so you could equally argue that such capacity already exists. But then again, the expansion of such to all messaging platforms, in alignment with Facebook’s plan to integrate all of its messaging tools into a single platform, would greatly boost this capacity, which underlines the stated concerns.
The argument then comes down to your personal feelings on the matter. Is Facebook looking to implement full encryption to better protect user information, or is it looking to boost its own business potential, with a focus on making people more comfortable in transferring private data, like financial and health information?
Another argument is that full encryption would enable Facebook to escape scrutiny around what’s being shared – if it has no way of knowing what users are sharing with each other via messages, it can’t be held responsible for such either.
Again, it comes down to your perspective – will encryption provide protection for criminals, or should Facebook be looking to provide more data privacy, in line with rising industry shifts?
As an aside, it’s interesting to note Facebook’s pushback against Apple’s new ATT prompts, which provide more data privacy options for users, while also advocating for increased user privacy in messages.
One way or another, it seems that Facebook is going to test how much authorities are really opposed to its plan.