After years of tech companies and police tussling and clashing over end-to-end encryption, Meta this week brandished a new tool in its arsenal that could help the social media giant resist government pressure to change course or weaken the plan to implement end-to-end encryption in its private communications services.
On Monday, Meta released a report on the human rights impact of end-to-end encryption, created by Business for Social Responsibility, a nonprofit organization focused on corporate impacts. Meta, which commissioned the independent BSR report, also published its response. In a study that took more than two years to complete, BSR found end-to-end encryption to be extremely positive and critical to protecting human rights, but also delved into the criminal activity and violent extremism that can find secure refuge at the end. end-to-end encrypted platforms. Most importantly, the report also offers recommendations on how to potentially mitigate these negative impacts.
From 2019 Meta said it will eventually roll out end-to-end encryption across all of its messaging platforms. The security measure, designed to block services from accessing their users’ communications, has long been implemented on the Meta-owned WhatsApp platform, but the initiative will also bring the protection to Facebook Messenger and Instagram Direct Messenger. Meta said the delay in fully deploying end-to-end encryption on these other services was largely due to technical challenges and interoperability issues, but the company also faced criticism over the plan from the United States government and other countries around concerns worldwide that adding the feature would make it harder for the company and law enforcement to counter a range of threats, such as child abuse and the distribution of child sexual abuse material, coordinated disinformation campaigns, viral speech by hatred, terrorism and violent extremism. The US government, and the FBI in particular, have long argued that the end-to-end encryption that protects user data also protects suspects from criminal investigations, thereby endangering public and national security.
“I’m glad to see that the BSR report confirms the critical role that encryption plays in protecting human rights,” said Rhianna Pfefferkorn, a researcher at the Stanford Internet Observatory who was not involved in the study. “While it is true that unwanted behavior occurs in an encrypted context, most people are not criminals, while everyone needs privacy and security. Weakening encryption is not the answer.
The question for Meta and privacy advocates around the world is how to develop mechanisms to stop digital abuse before it starts, flag potentially suspicious behavior without accessing users’ actual communications, and create mechanisms that allow for users to effectively report potential abuse. Even very recent efforts to strike a balance have been met with strong criticism from privacy and encryption advocates.
For example, Apple announced plans in August to debut a feature that will scan users’ data locally on their devices for child sexual abuse material. That way, the reasoning goes, Apple won’t need to directly access the data or compile it in the cloud to check for abusive material. However, the researchers raised many concerns about the potential for such a mechanism to be manipulated and abused, and the risk that it might not even achieve its goal if the system produced multiple false positives and false negatives. Within a month, Apple backed out, saying it needed time to reevaluate the scheme.
