Why It Took Meta 7 Years to Turn on End-to-End Encryption for All Chats
Since 2016, the social behemoth now known as Meta has been working to deploy end-to-end encryption in its communication apps. CEO Mark Zuckerberg even promised in 2019 that the data privacy protection would roll out by default across all of the company’s chat apps. In practice, though, it was a wildly ambitious goal fraught with technical and political challenges, and Meta has only been able to move toward it in gradual, incremental steps. But this week the company is finally starting its full rollout.
“It’s been a wild ride,” says Jon Millican, a senior staff software engineer within Meta’s messenger privacy team. “I suspect this is the first time that something’s been end-to-end encrypted with all of the constraints that we’re working with. It’s not just that we’re migrating people’s data, but it’s actually that we’re having to fundamentally change a bunch of the assumptions that they work with when they’re using the product.”
Meta has had to stake out a position as a committed proponent of end-to-end encryption amid pressure from law enforcement and victim advocacy groups that the privacy feature—which makes data unintelligible everywhere except on the devices of the sender and recipient—limits necessary oversight and impedes crucial police investigations. Meanwhile, the company has spent the past four years, not to mention the better part of a decade, developing the technology to retrofit two massive communication platforms—Messenger and Instagram chat—such that they could still offer the features and general experience users expect under the technical constraints and usability challenges of end-to-end encryption.
“I understand that many people don’t think Facebook can or would even want to build this kind of privacy-focused platform—because frankly, we don’t currently have a strong reputation for building privacy-protective services, and we’ve historically focused on tools for more open sharing,” Zuckerberg memorably wrote in his 2019 treatise. But he added that there was a clear desire from users to have access to private and secure encrypted communication services. “This is the future I hope we will help bring about,” he wrote.
Meta says that it will take some time for the rollout of full default end-to-end encryption to reach all Messenger and Instagram chat users, and the feature is still only launching for direct messages between two accounts. End-to-end encryption for group chats will continue to be opt-in for now. But these final delays have to do with gradually converting billions of accounts to run the cryptography and encrypted storage schemes that underly the effort. And while the infrastructure is new and had to be painstakingly tailored to Meta’s services, the company says it built the system on the Signal Protocol and thoroughly vetted the implementation both internally and with independent experts. In the lead-up to this announcement, the company did a final round of outreach to privacy groups and cryptographers to show them the documentation and have them test the feature.
“It looks just like Messenger, except that under the hood it has really strong encryption,” says Matt Green, a Johns Hopkins cryptographer who previewed the launch a few weeks ago. “Getting things to work on the web seems like it was the hard part, but they pulled it off.”