End-to-End Encryption not coming to Facebook Messenger and Instagram soon


1, 2021

Facebook has been working on adding End-to-End Encryption (EEE) to its services since 2019, but in a recent blog post, the company revealed that the privacy feature will not be arriving any time soon.

In a blog post talking about Facebook’s Safety and Security plans, the company revealed support for EEE will not arrive until 2022 at the earliest.

While we expect to make more progress on default end-to-end encryption for Messenger and Instagram Direct this year, it’s a long-term project and we won’t be fully end-to-end encrypted until sometime in 2022 at the earliest. Moreover, the safety features we’ve already introduced are designed to work with end-to-end encryption, and we plan to continue building strong safety features into our services.

This is somewhat worrying since Facebook is intent on unifying their WhatsApp, Facebook Messenger and Instagram Direct messaging service, and WhatsApp already offers EEE by default.

Hopefully, this means Facebook will delay the integration rather than reduce WhatsApp’s security level.

The delay may be political rather than technical, with Facebook coming under significant opposition from law enforcement and child safety advocates for potentially hiding illegal communication from the view of the authorities.

Facebook itself notes:

We need to find a balance of safety, privacy, and security. There is a clear need to balance the privacy and security of people’s messages with maintaining a safe environment and providing data to law enforcement in response to potential real world harms. We discussed tools that can protect people’s privacy while also preventing harm from happening in the first place, using behavioural signals, traffic data or user reports rather than access to the content of all messages. There was no consensus on a recommended approach, but experts encouraged more consultation to help strike an appropriate balance.

It remains to be seen if this is a problem even Facebook can solve.

via XDA-Dev

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}