Facebook enables web encryption for Internet.org

When Facebook opened its Internet.org platform to developers back in May, it came with a big caveat: every service running on the platform had to transmit its data in the clear, without encryption. But five months later, the platform is changing that, enabling millions in the developing world to use encrypted services like Twitter and messaging without data charges.

It's part of Internet.org's larger mission to provide a free platform for web services in the developing world. Through a partnership with carriers, Internet.org waives data charges for a set of core services (renamed today as Free Basics), giving poor users free access to a bare-bones version of the web. Many net neutrality advocates have criticized that setup as a zero-rating scheme that gives free-data apps an unfair advantage over paid-data competitors.

The system requires Internet.org to work as a proxy between users and the wider internet, compressing traffic for efficiency and stripping out any extraneous data requests, which ruled out conventional HTTPS. Since the proxy needs to inspect and potentially alter traffic as it passes through, it's impossible to deploy truly end-to-end web encryption. Instead, Internet.org has opted for a two-part system, encrypting all web traffic between the user and Internet.org servers, then passing along the traffic to the host with whatever encryption the host wishes to deploy. (Encrypted access is also available through Internet.org's Android app, which launched in June.) The result secures traffic whenever it travels over the public web, but still gives Internet.org central access to all the data sent through the service.

At the same time, Internet.org is pledging not to store any data on how people actually use the services. In its new data retention policy, the service promises to only store domain name information and the amount of data used, along with device information that would be visible even if the traffic were encrypted. More detailed information will still be visible to Internet.org, but the platform says it won't collect that data.

The new system gives Internet.org users a secure way to connect, solving one of the biggest problems facing the project. Still, it will do little to address the concerns of net neutrality advocates, who see Internet.org giving Facebook too much power over the services available to users in the developing world. The service has already expanded access to one billion people across 19 different countries, moving into South Africa, Senegal, and Bolivia this past summer.