Is Facebook's End-To-End Encryption Actually Safe?
Meta is expanding its end-to-end encryption feature on Facebook Messenger, the company announced in a blog post, specifically testing out automatic encryption for chat threads. It's something that seems like a net positive, and the news arrives only days after word surfaced that the company had turned private messages over to police, leading to a Nebraska teen facing criminal charges over an alleged abortion. After allegedly preventing authorities from acquiring "wiretap" access to users' private communications back in 2018, this latest turn of events sends what could charitably be called a mixed message about how safe and secure those presumably private conversations really are.
For its part, Meta has stated that encrypted messages will remain as such, to the point where not even the company itself will be able to access them (unless the sender or recipient reports them). So with end-to-end encryption enabled, users are free (in theory) to discuss whatever they want without having to worry about their privacy being invaded, at least when it comes to government authorities and law enforcement requesting copies of messages.
What's the verdict?
End-to-end encryption on Facebook Messenger is much more secure than non-encrypted messages, and it's not a new feature on the messaging platform. Rather, the current problem is that it places the responsibility of actually using the feature on the user, as it's an opt-in service called Secret Conversations that the user must initiate with the person they're talking to.
Not everyone who uses Facebook Messenger will have the same level of tech-savviness or the same vested interest in making sure their correspondence is private. If one of the two people in a conversation hasn't turned encryption on — either because they don't think it's needed or because they aren't aware of it or don't know how — then it's not secure.
If Meta's test goes well and it decides that end-to-end encryption will become the new default for messages, then these concerns will likely disappear. However, for the moment that added layer of protection isn't the default, and so anyone discussing sensitive information should consider doing so through a more verifiably secure line of communication like Signal or other apps that feature end-to-end encrypted messaging.