Facebook has shared an update on its long-awaited plans to turn on end-to-end encryption (E2EE) by default in its Messenger chat platform, saying it has begun testing the feature for chats “between some people” this week.
Facebook currently offers Messenger users the option to turn on E2EE on a per-chat basis, but such opt-in schemes are generally only embraced by a security-conscious minority. Making end-to-end encryption the default will be a big step: adding a substantial layer of security to a chat platform used by more than a billion people worldwide. It’s also likely to trigger arguments with governments who say E2EE hinders their ability to fight crime.
End-to-end encryption makes it harder, though not impossible, for third parties to read your conversations
End-to-end encryption means that Facebook cannot view the content of its users’ messages — only participants can. This makes it much harder (though not impossible) for third parties like hackers or law enforcement to snoop on digital conversations.
In recent years, Facebook parent Meta has been slowly adding more layers of encryption to its various chat platforms, but these efforts have not yet been unified. Chats on WhatsApp are encrypted by default using the same protocol offered by industry standard secure messenger Signal; opt-in encryption for Instagram DMs is currently being tested; and Messenger offers E2EE via its “disappearing messages” feature. (The app previously also offered a similar “vanish mode,” but this is being removed, as per Facebook’s update today.)
Facebook has been criticized for not making E2EE default on Messenger, especially in the wake of the reversal of Roe v. Wade in the United States, where digital footprints like app chats will be used as evidence in prosecuting newly criminalized abortions. This was highlighted in a case this week, where Facebook complied with a police search warrant to hand over the Messenger chat history of a Nebraskan teen and her mother, leading to the pair’s prosecution for charges related to the state’s preexisting abortion laws.
Facebook says making E2EE default is a challenging task given the size of its platforms
Facebook previously said it’s been slow to make E2EE default on all its chat platforms because of the difficulty of integrating such technology into apps used by billions and the need to balance user privacy with safety. In its update today, the company reiterated that it’s on track to make E2EE the default for all chats and calls on Messenger “in 2023.”
In addition to the new test of default E2EE, the company also announced a feature named “secure storage” that will encrypt cloud backups of users’ chat history on Messenger.
“[W]e’re testing secure storage to back up those messages in case you lose your phone or want to restore your message history on a new, supported device,” said the company. “As with end-to-end encrypted chats, secure storage means that we won’t have access to your messages, unless you choose to report them to us.”
Other new features being tested on Messenger include syncing deleted messages across devices; testing the ability to unsend messages; and adding encryption to hands-free messages sent on Messenger using the company’s Ray-Ban Stories smart glasses.