Facebook Messenger to add encryption but weaken it so it can continue reading messages, report claims

Facebook and Google have both looked to integrate tighter security into their messaging apps – but in a way that allows them to keep looking at messages

Andrew Griffin
Wednesday 01 June 2016 14:18 BST

Facebook chats are set to become far more secure – or at least try and tell people that it is, according to reports.

The company is gearing up to announce that it is enabling end-to-end encryption within its Messenger chat app, according to The Guardian, building on previous reports that it was looking at "secret chats". But those reports have also come with a caveat: that the security feature will be opt-in.

End-to-end encryption uses technology to ensure that messages can only be read by the person sending and receiving the message. Such security has become more and more important in recent months, since it means that governments and hackers can’t read conversations – but it also means that companies like Facebook can’t either, and it needs to.

The move will bring Facebook’s Messenger service into line with other chat apps including its own WhatsApp and Apple’s iMessage. Those use end-to-end encryption, which means that nobody – including the companies themselves – can intercept messages while they are being delivered.

But unlike those apps, Facebook’s encryption doesn’t seem to be turned on all the time and is instead opt-in. That makes it more like Google’s recently-announced Allo – which also includes an encrypted chat option, but turns it off by default and only enables it in “incognito mode”.

Like Google, Facebook will presumably add both an encrypted mode that attempts to keep messages secure but means that they can be read by the companies, and an end-to-end one, that can be switched on and gives extra privacy but gets rid of some features.

WhatsApp encryption in 60 seconds

Both companies have been forced to take that step because so much of the platform depends on machine learning – which requires giving messages over to Facebook or Google’s services so that they can learn more about their users. Google’s Allo, for instance, reads through messages so that it can learn how a person talks and then offer “smart replies” – a guess at what its user would want to say so that they don’t have to write it all out.

Both companies also make their money through gathering data about people through ads, which means that fully-encrypted chats would get in the way of their business models.

Google’s chat app has already drawn criticism from Edward Snowden, whose disclosures helped start the interest in technology to keep authorities from intercepting messages. He said that the app was "dangerous" and that people shouldn't use it.

End-to-end encryption is far more secure than the kind of encryption that’s in operation by default in Allo. By weakening the security so that it can be read by the company – Google, Facebook, or whoever else – it also vastly weakens the protection that can be afforded against other people reading the messages.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in