CDT Welcomes Rollout of Encryption-by-Default for Facebook Messenger

On December 6, Meta Platforms announced that it has begun rolling out end-to-end encryption (E2EE) by default for 1:1 messaging on Facebook Messenger. This welcome change will come to fruition over the next few months, eventually covering all communications sent on Messenger. Meta also released technical information and white papers to further detail its plans and approach. WhatsApp, another messaging service Meta owns, has long been encrypted end-to-end by default. Meta has previously announced that direct messages on Instagram, its photo and video sharing platform, will also become E2EE by default; roll out of that feature is on a slower timeline. The extension of E2EE to additional services is a positive development that CDT has long advocated as providing important protections to users. 

In an E2EE service, only the sender and the intended recipient(s) can understand the contents of a message. The intermediary — in this case, Meta — cannot gain such access and therefore cannot turn over messages to governments that demand it and cannot target advertisements based on message content (which Meta does not do anyway). However, metadata the service collects from its users’ activities on the platform — such as information about who communicated with whom — can be retained and turned over to law enforcement either voluntarily or when compelled by legal process such as a court order. 

The technical details, outlined in Meta’s white papers, determine key features of privacy and confidentiality for users. The design features for Messenger do not in all cases meet the highest security standard for end-to-end encrypted messaging, such as those of Signal. While the Signal protocol will power encryption on Messenger and already powers encryption on WhatsApp, Meta’s technical specifications outlined in the white papers indicate that in the case of Messenger, Meta will store encrypted backups of messages and message attachments on its servers by default (rather than on a user’s device). This facilitates usability and message recovery. 

Meta apparently made this tradeoff because Messenger is unlike Signal and WhatsApp in one fundamental way: most people access it through the web, not a mobile app. Users expect that all of their messages on Messenger will be available to them at all times and from all devices from which they can access the web. Maintaining encrypted backups of messages on Meta’s servers ensures that a person can access their messages no matter the device the person is using, and recover their messages when the device on which they were sent or received is damaged, destroyed, or lost. The high availability of web-first messaging accessible from multiple devices presents a challenge for strong end-to-end encryption. In extending E2EE to more people than ever before, Meta is prioritizing some aspects of usability over strict security in its implementation of E2EE.

This design will result in creation on Meta’s servers of persistent, encrypted backups of messages. Although Meta will still have no way to decrypt these backups and provide message contents to law enforcement, this choice does break perfect forward secrecy (which is a security property that prevents the ability to decrypt all historical or future messages if access to just one message is achieved). Some users may have concerns about storage of encrypted backups of their messages on Meta servers, rather than on their own devices (at just the “ends”), and may be willing to forgo the benefits of those encrypted backups. Meta will allow those users to opt out of encrypted backups, and prompts users to consider doing so when they are using Messenger. Meta should further explain to users the tradeoffs they will be making when deciding whether to back up their data.

CDT applauds Meta for taking this action to enhance the security of the communications of the billion+ Messenger users. Indeed, we helped form the Global Encryption Coalition a few years ago in part to encourage companies to extend E2EE to their services. Encryption protects dissidents, journalists, human rights defenders, victims of domestic violence, government officials who handle national secrets, and everyone else against unwarranted eavesdropping. 

Law enforcement officials in some countries have opposed E2EE. They have legitimate concerns that while encryption protects users, it can also shield criminal activity by making it harder for law enforcement to obtain evidence of crime, including child sexual abuse material (CSAM). In a white paper first released last year, Meta described its plans to to use metadata analysis, user reporting, and other techniques to battle CSAM on its platforms that adopt E2EE. Meta also commissioned a Human Rights Impact Analysis on the effect of adopting E2EE on its platforms, and that report by Business for Social Responsibility concluded that human rights are enabled through the use of E2EE. The UN Office for the High Commissioner of Human Rights reached a similar conclusion in its 2022 report to the UN Human Rights Council on the right to privacy in the digital age. CDT’s 2021 Outside Looking In report on how to deal with CSAM in encrypted environments also describes such techniques. 

While Messenger’s roll out of E2EE by default has been four years in the making, it took courage for the company to make this move now to protect its users in the face of pressure from governments around the world to abandon the planned roll out. 

At a time of a renewed push by governments to cut back on encryption, Meta’s announcement is a big step forward in extending protection to nearly a billion users. We encourage other service providers to follow suit so that even more users will have the privacy and security of their communications protected.