The upcoming Messenger update will also give users the ability to edit messages for up to 15 minutes after they’re sent.
After years of challenges and a test roll-out in August, Meta is finally bringing end-to-end encryption to Messenger and Facebook.
With this update, users will get the same level of privacy and security that is provided to WhatsApp users. Meta claims it built this form of end-to-end encryption on “strong cryptographic principles”, including the Signal Protocol, and the company’s own Labyrinth Protocol.
Meta said the encryption means that users’ messages are encrypted from everyone, including the company itself. Messenger has had an option to turn on end-to-end encryption since 2016 according to Meta, though it appears to have been challenging to make it a default option.
“Our engineers, cryptographers, designers, policy experts and product managers have worked tirelessly to rebuild Messenger features from the ground up,” Meta’s head of Messenger Loredana Crisan said in a blogpost.
“We worked closely with outside experts, academics, advocates and governments to identify risks and build mitigations to ensure that privacy and safety go hand in hand.”
Meta also announced other privacy updates for Messenger, including the ability to edit messages that may have been sent accidentally. Users will soon be able to edit messages for up to 15 minutes after they have been sent.
There is also a Disappearing Messages update, where a user can send a temporary message that lasts for 24 hours before it is deleted.
“We are also improving the interface to make it easier to tell when Disappearing Messages are turned on,” Crisan said. “This will help people be confident that their messages stay secure and won’t stick around forever.”
“This is the biggest set of improvements to Messenger since it was first launched in 2011. I’m proud of what Messenger has become: a fast and reliable service, with enjoyable features and strong safety tools, and now with the added privacy and security of end-to-end encryption.”
In a separate blogpost, Meta said it’s still in the testing phase for bringing end-to-end encryption to group messages. The company also said it plans to conduct additional tests next year around bringing end-to-end encryption to Instagram.
Some concerns have been raised about the future of end-to-end encryption, however. A piece of legislation in the UK’s Online Safety Act means regulators can direct companies to deploy certain technologies that bypass encryption to scan for child sex abuse material – once that technology becomes technically feasible to use.
Documents that were leaked earlier this year suggest many EU countries are in favour of scanning encrypted messages to prevent the spread of CSAM, with Spain supporting a ban on end-to-end encryption.
10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.