Why it takes so long to encrypt Facebook Messenger
August 12, 2022
After a high-profile incident in which subpoenaed Facebook posts led to charges against a 17-year-old girl and her mother in a Nebraska abortion case, Meta said Thursday it would expand testing of end-to-end encryption in Messenger from a planned global rollout.
This week, the company will automatically start adding end-to-end encryption to Messenger chats for more people. In the coming weeks, it will also increase the number of people who can start using end-to-end encryption for direct messages on Instagram.
Meanwhile, the company has begun testing a feature called “secure storage” that will allow users to restore their chat history when they install Messenger on a new device. Backups can be locked with a PIN and the feature is designed to prevent the company or anyone else from reading their contents.
The global rollout is expected to be completed next year.
Meta told wired that it had been planning to make these announcements for a long time, and that the fact that they were made so soon after the abortion case came to light was a coincidence. However, I’m less interested in the timing than the practical challenges of making encrypted messages the default for hundreds of millions of people. In recent conversations with Meta employees, I’ve come to understand more about what takes so long — and how consumer apathy toward encryption has created challenges for the company as it works to create a secure messaging app that will empower its users. will actually use.
It’s now been three years since Mark Zuckerberg announced, amid an ongoing shift from public feeds to private chats, that the company’s products would embrace encryption and privacy in the future. Back then, WhatsApp was already end-to-end encrypted; the next step was to bring the same level of protection to Messenger and Instagram. This required the apps to be rebuilt almost from scratch – and teams have encountered a number of roadblocks along the way.
The first is that end-to-end encryption can be tricky to use. This is of course often the trade-off we make in exchange for more security. But average people may be less likely to use a messaging app that requires them to set up a PIN to restore old messages, or to display security information for their messages that they find confusing or off-putting.
The second, related challenge is that most people don’t know what end-to-end encryption is. Or, if they’ve heard of it, they may not be able to distinguish it from other, less secure forms of encryption. Gmail, among many other platforms, only encrypts messages when a message is sent between Google’s servers and your device. Known as transport layer security, this provides good protection for most users, but Google — or law enforcement — can still read the content of your messages.
Meta’s user research has shown people worry if you tell them you’re adding end-to-end encryption, one employee told me, because it scares them that the company may have read their posts before. Users also sometimes assume that new features were added for Meta’s benefit, rather than their own — which is one of the reasons the company called the saved messages feature “secure storage” rather than “automatic backups.” ‘, to emphasize safety in the surf.
When they surveyed users earlier this year, I was told that only a minority were seriously concerned about their privacy.
On Tuesday, I wrote that companies like Meta should consider moving beyond end-to-end encryption to make messages disappear by default. An employee told me this week that the company has considered doing this, but usage of the feature in Messenger so far – where it’s available as an option – has been so low that it has sparked little enthusiasm internally to make it standard. to make.
On the contrary, I was told that accessing old messages is a high priority for many Messenger users. If you’re too concerned with that, users can search for communication apps like they used to — the kind that store your chat history on a server, where law enforcement can query and read it.
A third challenge is that end-to-end encryption can be difficult to maintain, even within Facebook, I’m told. Messenger is integrated into the product in ways that can break encryption – Watch Together, for example, lets people message each other while watching live video. But that adds a third person to the chat, making coding much more difficult.
There is more. Encryption won’t work unless everyone is using an up-to-date version of Messenger; many people don’t update their apps. It’s also hard to pack encryption into a sister app like Messenger Lite, which is designed to have a small file size so it can be used by users with older phones or limited access to data. End-to-end encryption technology takes up many megabytes.
I bring all this up so as not to apologize to Meta for not rolling out end-to-end encryption so far. The company has been working steadily on the project for three years now, and while I wish it could go faster, I understand some of the concerns that employees have expressed to me over the past few days.
At the same time, I think Meta’s challenges in bringing encryption to the masses in its messaging app raise real questions about the demand for security in these products. Activists and journalists assume they should already be using encrypted messaging apps, ideally one without server-side message storage, such as Signal.
But Meta’s research shows that the average people still haven’t gotten — well, the message. And it’s an open question how the events of 2022, as well as what we will experience in the coming years, can change that.
(Workers told me that Meta’s push to add encryption was picked up after the invasion of Ukraine earlier this year, when stories of Russian soldiers searching prisoners’ phones drew attention to the dangers of permanently stored, easily accessible messages.)
Despite all the attention the Nebraska case received, it had almost nothing to do with the overthrow of… Roe vs. wade: Nebraska banned abortion as early as 20 weeks, and the medical abortion at the heart of this case — which happened after 28 weeks — would have been illegal under state law roe maintained.
Yes, Meta passed on the suspects’ messages after subpoena, but there’s nothing surprising about that either: The company received 214,777 requests in the second half of last year, about 364,642 different accounts; it produced data at least 72.8 percent of the time. Facebook’s collaboration with law enforcement is the rule, not the exception.
But in a different way this has everything to do with roe. Countless women will now seek out-of-state abortion care, potentially violating state law to do so, and will need to communicate about this with their partners, family and friends. The coming months and years will bring many more stories, such as the Kansas case, each time drawing attention to how useful tech platforms are for law enforcement in collecting evidence.
It’s possible that the general apathy of most Facebook users will survive the coming storm of privacy breaches. But it seems much more likely to me that the culture will shift towards requiring companies to collect and store less data and better educate people on how to use their products safely.
If there’s one bright spot in all of this, it’s that the proliferation of abortion charges could create a massive new constituency organized to defend encryption. From India to the European Union to the United States, legislators and regulators have been working to undermine secure messaging for many years. It has survived to this day, thanks in part to a loose coalition of activists, academics, civil society groups, technology platforms and journalists: in short, some of the people who rely on it the most.
But with roe destroyed, the number of people for whom encrypted messaging is now a necessity has grown significantly. A cultural shift to encryption could help maintain and expand access to secure messaging, both in the United States and around the world.
That shift will take time. But there’s a lot that tech platforms can do now, and I hope they will.