Why it’s taking so long to encrypt Facebook Messenger


Inside the company’s end-to-end encryption conundrum

Illustration by Alex Castro / The Verge

After a high-profile incident in which subpoenaed Facebook messages led to felony charges for a 17-year-old girl and her mother in a Nebraska abortion case, Meta said Thursday that it would expand testing of end-to-end encryption in Messenger ahead of a planned global rollout.

This week, the company will automatically begin to add end-to-end encryption in Messenger chats for more people. In the coming weeks, it will also increase the number of people who can begin using end-to-end encryption on direct messages in Instagram.

Meanwhile, the company has begun to test a feature called “secure storage” that will allow users to restore their chat history when they install Messenger on a new device. Backups can be locked by a PIN, and the feature is designed to prevent the company or anyone else from being able to read their contents.

The global rollout is expected to be completed next year.

Meta told Wired that it had long planned to make these announcements, and that the fact that they came so soon after the abortion case came to light was a coincidence. I’m less interested in the timing, though, than the practical challenges of making encrypted messaging the default for hundreds of millions of people. In recent conversations with Meta employees, I’ve come to understand more about what’s taking so long — and how consumer apathy toward encryption has created challenges for the company as it works to create a secure messaging app that its user base will actually use.

It has now been three years since Mark Zuckerberg announced, amid an ongoing shift away from public feeds toward private chats, that going forward the company’s products would embrace encryption and privacy. At the time, WhatsApp was already encrypted end to end; the next step was to bring the same level of protection to Messenger and Instagram. Doing so required that the apps be rebuilt almost from scratch — and teams have encountered a number of roadblocks along the way.

The first is that end-to-end encryption can be a pain to use. This is often the tradeoff we make in exchange for more security, of course. But average people may be less inclined to use a messaging app that requires them to set a PIN to restore old messages, or displays information about the security of their messages that they find confusing or off-putting.

The second, related challenge is that most people don’t know what end-to-end encryption is. Or, if they’ve heard of it, they might not be able to distinguish it from other, less secure forms of encryption. Gmail, among many other platforms, encrypts messages only when a message is in transit between Google’s servers and your device. This is known as transport layer security, and it offers most users good protection, but Google — or law enforcement — can still read the contents of your messages.

Meta’s user research has shown that people grow concerned when you tell them you’re adding end-to-end encryption, one employee told me, because it scares them that the company might have been reading their messages before now. Users also sometimes assume new features are added for Meta’s benefit, rather than their own — that’s one reason the company labeled the stored-message feature “secure storage,” rather than “automatic backups,” so as to emphasize security in the branding.

When the company surveyed users earlier this year, only a minority identified as being significantly concerned about their privacy, I’m told.

On Tuesday, I wrote that companies like Meta should consider going beyond end-to-end encryption to make messages disappear by default. One employee told me this week that the company has considered doing so, but usage of the feature in Messenger to date — where it is available as an option — has been so low that making it a default has generated little enthusiasm internally.

On the contrary, I’m told, access to old messages is a high priority for many Messenger users. Messing with that too much could send users scrambling for communications apps like the ones they’re used to — the kind that keep your chat history stored on a server, where law enforcement may be able to request and read it.

A third challenge is that end-to-end encryption can be difficult to maintain even within Facebook, I’m told. Messenger is integrated into the product in ways that can break encryption — Watch Together, for example, lets people message each other while watching live video. But that inserts a third person into the chat, making encryption much more difficult.

There’s more. Encryption won’t work unless everyone is using an up-to-date version of Messenger; lots of people don’t update their apps. It’s also tough to pack encryption into a sister app like Messenger Lite, which is designed to have a small file size so it can be used by users with older phones or limited data access. End-to-end encryption technology takes up a lot of megabytes.

I bring all this up not to excuse Meta for failing to roll out end-to-end encryption up to now. The company has been working on the project steadily for three years, and while I wish it were moving faster, I’m sympathetic to some of the concerns that employees raised with me over the past few days.

At the same time, I think Meta’s challenges in bringing encryption to the masses in its messaging app raise real questions about the appetite for security in these products. Activists and journalists take it for granted that they should be using encrypted messaging apps already, ideally one with no server-side storage of messages, such as Signal.

But Meta’s research shows that average people still haven’t gotten — well, the message. And it’s an open question how the events of 2022, as well as whatever we’re in for in the next few years, may change that.

(Employees told me that Meta’s push to add encryption picked up after the invasion of Ukraine earlier this year, when stories about Russian military personnel searching captives’ phones drew attention to the dangers of permanently stored, easily accessible messages.)

For all the attention the Nebraska case got, it had almost nothing to do with the overturning of Roe vs. Wade: Nebraska already banned abortion after 20 weeks, and the medical abortion at the heart of this case — which took place at 28 weeks — would have been illegal under state law even had Roe been upheld.

Yes, Meta turned over the suspects’ messages upon being subpoenaed, but there’s nothing surprising about that, either: the company got 214,777 requests in the second half of last year, about 364,642 different accounts; it produced at least some data 72.8 percent of the time. Facebook cooperating with law enforcement is the rule, not the exception.

In another way, though, this has everything to do with Roe. Untold numbers of women will now be seeking abortion care out of state, possibly violating state law to do so, and they’ll need to communicate about it with their partners, family, and friends. The coming months and years will bring many more stories like the Kansas case, drawing fresh attention each time to how useful tech platforms are to law enforcement in gathering evidence.

It’s possible the general apathy toward encryption of most Facebook users will survive the coming storm of privacy invasions. But it strikes me as much more likely that the culture will shift to demand that companies collect and store less data, and do a better job educating people about how to use their products safely.

If there’s a silver lining in any of this, it’s that the rise in criminal prosecutions for abortion could create a massive new constituency organized to defend encryption. From India to the European Union to the United States, lawmakers and regulators have been working to undermine secure messages for many years now. To date, it has been preserved thanks in part to a loose coalition of activists, academics, civil society groups, tech platforms, and journalists: in short, some of the people who rely upon it most.

But with Roe overturned, the number of people for whom encrypted messaging is now a necessity has grown markedly. A cultural shift toward encryption could help preserve and expand access to secure messaging, both in the United States and around the world.

That shift will take time. But there’s much that tech platforms can do now, and here’s hoping they will.
