Facebook plans to implement end-to-end encryption by default in 2023. The move follows an abortion case where the company forwarded a young woman’s messages to the police.
Since August 8, the case of Celeste Burgess, accused of having illegally aborted in the United States, has been heavily publicized. The reason? Facebook provided the police with the 17-year-old woman’s exchanges, which allowed them to charge her. A few days later, on August 11, the company announced that end-to-end encryption would be applied by default from 2023.
• What is end-to-end encryption?
This function makes it possible to secure digital exchanges. Applicable to written, audio or video messages, it ensures that only people involved in a conversation can access the messages. Data transmitted by transmitters is instantly encrypted and can only be read by recipients, using an encryption key.
This method is opposed to the transfer of data in clear text, in particular used when sending SMS. In this case, anyone could potentially intercept these exchanges and have access to them. End-to-end encryption therefore ensures that no one outside a conversation can discover its content.
• Which applications offer this service by default?
The Moderator’s Blog lists email services that offer encryption by default. The best known – Signal, Telegram or Whatsapp – are obviously part of it. But the site indicates other solutions. In particular the French applications Olvid and Skred or Wire, founded by the co-creator of Skype.
• Are there any limits to end-to-end encryption?
Antivirus solution provider Kapersky states in a blog post that encrypted exchanges can still be traced. If the conversations remain secure and no one is able to decipher them, the sending and receiving information can be traced. Thus, it is possible to know that an individual has sent a message on such a day, at such a time, to such a person. Without having the encryption key, the server will however retain the temporality of the exchanges and the identity of the senders and recipients.
• Why has the abortion affair revived the debate on the subject?
When Facebook received a search warrant to obtain Celeste Burgess’s trades, she was under investigation for miscarrying and disappearing the body of her stillborn child. But when analyzing her Facebook data, authorities in Nebraska discovered that it was actually an illegal abortion. The charges against the young 17-year-old woman therefore increased following the involvement of the social network in the case.
This is the first case where a woman’s personal data has been used against her since the revocation of the right to abortion in the United States. Despite everything, it should be noted that the facts, which took place in April, and the request of the authorities to Facebook, on June 7, preceded the decision of the American Supreme Court, on June 24.
However, the Nebraska abortion case describes the worst-case scenario that human rights groups feared. Since the revocation, they have repeatedly asked for more protection around personal data. Reviving the debate on the need for end-to-end encryption of conversations.
• Did Facebook announce its default encryption in response to the case?
Officially, there is no connection between the two events. Facebook explained that the search warrant did not indicate authorities were conducting an abortion investigation. If the announcement of default encryption on Messenger was made in the wake of events, it would not be a reaction, according to Martin Signoux. On Twitter, Meta’s public affairs officer in France recalled that the date of 2023 had already been cited long before the investigation against Celeste Burgess.
Indeed, at the end of 2021, Antigone Davis, the global head of security at Meta, had explained in a column published by The Telegraph“We’re taking our time to get it right and we don’t expect to complete the global rollout of end-to-end encryption by default on all our messaging services until 2023.”
However, the company’s press releases on end-to-end encryption published since these remarks have never mentioned this date of 2023 before this August 11th. Three days after the media coverage of the Nebraska abortion.
• Why is the application of default encryption not unanimous?
Messenger unveiled the end-to-end encryption feature in October 2016. Whatsapp has been using it since April 2016. Although both services were part of the Facebook group at the time, which has since become Meta, the default app choice was made for Whatsapp, but not for Messenger. A decision immediately criticized in the name of security and the protection of personal data.
At the same time, an opposition has also formed to plead in favor of the transparency of messages sent on Facebook. For six years, child safety advocates have been claiming that end-to-end encryption by default would protect child abusers in contact with minors. Although young Americans aged 13 to 17 seem to be deserting the social network, the argument remains perfectly understandable.
In June 2019, the US government even considered banning the encryption of personal data. The authorities regretted that they no longer had access to conversations as part of a police investigation.
Only problem, the revocation of the right to abortion in the United States gives weight to the need for the application of encryption by default. It would thus serve to protect pregnant women wishing to have an abortion.
Source: BFM TV