Facebook has long been criticized for not using end-to-end encryption as the default option for its messaging service, but that could soon change.
Facebook announced this week that it has begun testing end-to-end encryption by default among some users of its Messenger app. The company plans to roll out the feature for messages and calls globally next year.
With end-to-end encryption, Facebook and its parent company Meta cannot see their users’ private conversations, only senders and recipients can. This is an important security feature that protects users from cybercriminals and hackers, as well as law enforcement, who may require social media platforms to provide private chat history as part of an investigation .
Facebook’s announcement comes amid backlash from privacy advocates after the company turned over private messages between a mother and daughter to a Nebraska police department in an abortion-related case. Facebook said its security update is unrelated to the Nebraska case.
So far, WhatsApp is the only Meta-owned service that uses end-to-end encryption by default.
Last year, Meta began testing end-to-end encryption of messages and calls on Instagram. In February, it expanded the test to include adults in Ukraine and Russia. Meta has said it wants to expand this test to include people from more countries and different age groups.
Facebook already offers users end-to-end encryption for so-called “secret chats,” which must be enabled. It’s unclear what percentage of Facebook’s 3 billion users actually encrypt their chats.
Making end-to-end encryption the default would be an important step, especially given the fears in the wake of the overturning of Roe v. Wade of the Supreme Court that private posts and messages could be used to prosecute women seeking reproductive health care.
While digital privacy advocates support Meta’s security update, they said the move should have come sooner since the issue of end-to-end encryption has been debated for years.
“The demand is simple: all messaging services should be end-to-end encrypted by default, as soon as humanly possible. Anything less is dangerous,” said Evan Greer, director of the no-nonsense organization. of digital rights profit Fight for the Future.
Facebook security updates
In addition to end-to-end encryption by default, Facebook is also testing a new secure storage feature to back up users’ messages in case they lose their mobile phone or computer and decide to restore their history of messages on another device.
With end-to-end encryption, Facebook will not have access to these messages unless a user is reported for violating Facebook’s policies.
To access these backups, users must create a PIN or generate a code that only they know. Another option is to use a cloud service like iCloud to store a secret key that allows users to access backups. The latter method is safe, but not protected by Messenger’s end-to-end encryption, Facebook said.
In the coming weeks, the company will release more tests and updates to its end-to-end encrypted chats. For example, deleted messages will be synced across devices, and users will be able to stop sending messages or replies to Facebook stories.
Daryna Antoniuk is a freelance journalist for The Record based in Ukraine. He writes about cybersecurity startups, cyberattacks in Eastern Europe, and the state of the cyberwar between Ukraine and Russia. She was previously a technology reporter for Forbes Ukraine. His work has also been published in Sifted, The Kyiv Independent and The Kyiv Post.