Meta Delays Default Encryption For Messenger And Instagram Until 2023: Report
Meta, the parent company of Facebook, Instagram, and WhatsApp, has decided to put its default end-to-end encryption plan for Messenger and Instagram on hold until 2023, after merging Facebook Messenger and Instagram chats for its users last year.
Antigone Davis, Meta’s head of safety, attributes the delay to user safety concerns in a post on The Telegraph.
“We’re taking our time to get this right, and we don’t expect to complete the global rollout of end-to-end encryption by default across all of our messaging services until sometime in 2023,” Antigone Davis wrote in The Telegraph.
“As a company that connects billions of people around the world and has developed industry-leading technology, we’re determined to protect people’s private communications and keep people safe online,” the company added.
With E2EE, only the sender and recipient will be able to see their conversations; the company wants to make sure that this does not intrude with the platform’s ability to aid in the detection of illegal activity.
Facebook began rolling out encryption to its Messenger service in 2016, but it only works when users use the service’s Secret Conversation feature.
Meta stated earlier this year that default E2EE would be available on Instagram and Messenger “sometime in 2022 at the earliest.”
Over the years, Facebook has been chastised for being slow to implement end-to-end encryption as a default on all of its platforms.
Furthermore, Meta intends to unify the infrastructure underlying the three messaging platforms – Messenger, WhatsApp, and Instagram Direct.
Concerning End-To-End Encryption
People value privacy and security, which is why designers built end-to-end encryption into our app. End-to-end encryption protects one’s messages, photos, videos, voice messages, documents, status updates, and phone calls from being intercepted.
End-to-end encrypted chats between among people have their own security code, which is used to ensure that the calls and messages users send to that chat are end-to-end encrypted.
The verification process is only used to confirm that the messages and calls users send are end-to-end encrypted and is not required for end-to-end encrypted chats.
This code can be found in the contact information screen as a QR code as well as a 60-digit number. These codes are unique to each chat and can be compared between people in the chat to ensure that the messages users send are end-to-end encrypted.
Security codes are simply visible versions of the special key individuals share and people don’t need to worry, it’s not the actual key itself, which is always kept secret.
Privacy And Protection
End-to-end encryption “scrambles” or encrypts data as it travels between phones and other devices.
Typically, the only way to read the message is to gain physical access to the unlocked device that sent or received it.
The innovation is used by the popular messaging app WhatsApp, which is also owned by Meta, but not by the company’s other apps.
Last year, the NSPCC sent Freedom of Information requests to 46 police forces in England, Wales, and Scotland, requesting a breakdown of the platforms used to commit sexual offences against children.
The responses revealed:
- According to the responses, over 9,470 instances of child sex abuse images and online child sex offences were reported to police.
- 52 percent of these occurred on Facebook-owned apps.
- Over a third of the cases occurred on Instagram, 13% on Facebook and Messenger, and only a few on WhatsApp.
This has raised concerns that Meta’s plans to expand encryption to extensively used Facebook Messenger and Instagram direct messages will protect the vast majority of offenders from tracking.
According to the NSPCC, encrypting messages by default could facilitate the spread of child abuse imagery or online grooming.
However, proponents argue that encryption protects users’ privacy and prevents eavesdropping by both governments and unscrupulous hackers. When Facebook’s encryption plans were announced in 2019, Meta CEO Mark Zuckerberg made those arguments himself.
Getting It Right
According to Antigone Davis, Meta’s global head of safety, the delay in implementing encryption until 2023 is due to the company’s desire to get this right.
The company had previously stated that the change would take effect no later than 2022.
“As a company that connects billions of people worldwide and has built industry-leading technology, we’re determined to protect people’s private communications and keep people safe online,” Ms. Davis said.
Ms. Davis also outlined a number of additional preventative measures that the company had already implemented, such as:
- “Proactive detection technology” scans for suspicious patterns of activity, such as a user who repeatedly creates new profiles or messages a large number of people they don’t know.
- By default, under-18 users are placed in private or “friends only” accounts, and adults are barred from messaging them if they aren’t already connected.
- Educating young people on how to avoid unwanted interactions through in-app tips.
The NSPCC’s Andy Burrows, head of child safety online policy, welcomed Meta’s delay.
“They should only go ahead with these measures when they can demonstrate they have the technology in place to ensure children are not at greater risk of abuse,” he said.
More than 18 months after an NSPCC-led global coalition of 130 child protection organizations raised the alarm about the dangers of end-to-end encryption, Facebook must now demonstrate that it is serious about child safety risks and not just playing for time while dealing with difficult headlines.
Why Does Provide End-To-End Encryption, And What Does It Mean For Keeping People Safe?
Any App’s security is critical to the service it provides. There are numerous examples of criminal hackers obtaining vast amounts of private data illegally and using technology to harm people with their stolen information. Since the completion of end-to-end encryption implementation in 2016, digital security has become even more important.
WhatsApp is unable to view the content of encrypted messages or listen in on encrypted calls. This is because the encryption and decryption of WhatsApp messages is done entirely on one’s device. Before a message ever leaves the device, it is protected by a cryptographic lock, to which only the recipient has the keys.
Furthermore, the keys change with each and every message sent. While all of this is going on behind the scenes, users can check the security verification code on their device to ensure the conversations are secure.