Encryption and messaging services

Encryption FAQ: encrypted messaging, AI, content moderation, and more

Encryption is increasingly in the news, whether it’s governments seeking access to encrypted messages, or the CEO of an encrypted messaging platform getting arrested. But many people don’t understand how it works, or why protecting strong, end-to-end encryption (E2EE) is vital for safeguarding people’s privacy and other human rights. Below, we answer some of the most common questions surrounding encryption, AI, and content moderation on encrypted messaging platforms.  

  1. What’s the difference between ordinary encryption and end-to-end encryption?
  2. If a platform says that messages are encrypted, does that mean no one can access the content?
  3. Can the government or law enforcement get access to encrypted content?
  4. Should people use the same secure messaging platform in every context?
  5. What are some of the technical differences between major messaging platforms that affect our privacy?
  6. Can platforms use machine learning/AI to scan encrypted content without harming privacy?
  7. Where can I find more information about encryption and human rights?

1. What’s the difference between ordinary encryption and end-to-end encryption? Don’t they offer the same protection? 

No. End-to-end encryption (E2EE) offers a materially different level of privacy and security in the context of online communications than ordinary encryption. E2EE is the gold standard for encryption.

E2EE ensures that only you and the intended recipient/s of your message can view the content, and no one else. 

The “end-to-end” refers to the two endpoints in the communication chain: the sender and the recipient. Only these two hold the decryption keys. When content is encrypted end-to-end, all that is on the servers and systems that facilitate the exchange is a string of letters and numbers (so-called ciphertext). No one who intercepts the data in transit — not even the service provider/messaging platform itself — can read it, because they do not have the key to decrypt the ciphertext and see the plain text of the content that is being exchanged. A service provider will only see the content of a message if either the sender or recipient deliberately shares it (such as through WhatsApp’s reporting mechanism), or if either one decides to create a backup of the chat that is not E2EE (more on this below).

Examples of end-to-end encrypted systems include Signal, Meta’s WhatsApp, Apple’s iMessage, and Telegram’s “Secret Chats” (but not the other messaging services Telegram offers).

In contrast, ordinary encryption does not prevent access from end to end. Your data is encrypted in transit between your device and the service provider’s servers. This means it is protected against any manipulation or attack while it is being transferred. (For instance, someone connected to the same network would not be able to see the message content.) However, the service provider has the decryption keys and is therefore able to access the content that is being exchanged on its platform.

Examples include Google’s Gmail and Telegram (for all Telegram messaging services except the E2EE “Secret Chats”).

E2EE systems enable privacy by design. Systems protected by ordinary encryption, meanwhile, are more susceptible to interference: bad actors can more easily exploit these platforms for criminal purposes; law enforcement can compel providers to disclose private data; and service providers can use the data for their own purposes, such as to serve targeted ads or train AI systems. 
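The difference in who holds the keys, as an added Python sketch that is not part of the original FAQ or any messenger's code. The cipher is a toy built from SHA-256 and HMAC, the class and function names are hypothetical, and the two E2EE endpoints are assumed to already share a key (real messengers derive it through a key-agreement protocol).

```python
import hashlib, hmac, secrets
# Constructed illustration: toy cipher and hypothetical names, not a real protocol.
def _stream(key, nonce, n):
    # Toy keystream (SHA-256 in counter mode); stands in for a vetted cipher.
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, plaintext):
    """Encrypt-then-MAC under a 32-byte key; returns nonce + ciphertext + tag."""
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ s for p, s in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or raise ValueError if this key cannot open the blob."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("no valid key for this ciphertext")
    return bytes(c ^ s for c, s in zip(body, _stream(key, nonce, len(body))))

class TransitServer:
    """Ordinary encryption: the provider holds a key for every client link."""
    def __init__(self):
        self.link_keys, self.readable = {}, []
    def register(self, user):
        return self.link_keys.setdefault(user, secrets.token_bytes(32))
    def relay(self, sender, recipient, blob):
        plaintext = unseal(self.link_keys[sender], blob)  # provider decrypts here
        self.readable.append(plaintext)                   # content exists on the server
        return seal(self.link_keys[recipient], plaintext)

class E2EERelay:
    """E2EE: the provider forwards ciphertext and holds no decryption key."""
    def __init__(self):
        self.stored = []
    def relay(self, blob):
        self.stored.append(blob)   # only ciphertext ever reaches the server
        return blob

def send_transit(message):
    server = TransitServer()
    k_alice, k_bob = server.register("alice"), server.register("bob")
    delivered = unseal(k_bob, server.relay("alice", "bob", seal(k_alice, message)))
    return delivered, server.readable

def send_e2ee(message):
    relay, shared = E2EERelay(), secrets.token_bytes(32)  # key known to endpoints only
    delivered = unseal(shared, relay.relay(seal(shared, message)))
    return delivered, relay.stored
```

Both functions deliver the same message to the recipient; the second return value is what a provider, or anyone who compromises or compels it, ends up holding.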

2. If a platform says that messages are encrypted, does that mean no one can access the content?

Not necessarily. Only end-to-end encrypted (E2EE) systems prevent all third-party access to the content that is being exchanged. Other encrypted systems may be designed to grant various degrees of access to that content, and/or enable the provider to moderate the content. On such non-E2EE platforms, a provider would have the technical ability to grant access or moderate content, but may choose not to.

Since the provider of an E2EE system does not have decryption keys for the exchanged content by design, the provider can’t access this content even if it wants to, or is compelled to. This also means that if malicious actors hack an E2EE platform’s systems, the hackers can’t get access to the content of the messages, either. This information simply does not exist in decrypted form on the servers.

But beware: some providers offer E2EE for some of their services, and not others. For instance, on Signal, WhatsApp, and iMessage, all personal and group chats are E2EE by default. However, on Telegram, E2EE is not the default. You can only get E2EE when you manually select the “Secret Chat” option through a multi-click process. In addition, Secret Chats only work for chats with no more than two people, and they can only be activated when both people are online.

3. Can the government or law enforcement get access to encrypted messages?

It depends on how the encrypted system is designed.

When law enforcement seeks access to the content of messages on Signal, WhatsApp, or iMessage, these end-to-end encrypted (E2EE) platforms do not have the ability to provide that information. It would be like asking someone to unlock an unbreakable safe that they have no key to, and have never seen the inside of. Every chat on these platforms is E2EE by default, regardless of the number of participants. 

A platform like Telegram is different. As we note above, only Telegram’s opt-in feature “Secret Chats” is E2EE. For all other chats, Telegram has access to the content exchanged between its users. Other platforms that use ordinary encryption for some or all of their services may also have such access. 

It’s important to note that even if it is technically possible to grant law enforcement access to the content of messages, some platforms may choose not to. 

The way a platform is designed is also relevant for whether and to what extent a service provider can moderate the content exchanged on the platform.

4. Should people use the same secure messaging platform in every context? 

No. Different messaging platforms have different use cases, and people should make an informed decision based on their needs. Even if they are all marketed as a “secure messenger,”  the different platforms are not fungible, and offer varying levels of security and privacy.

You will have a different risk threshold based on your use case, your context, and your personal preferences. For example, a dissident in a repressive regime, a member of a persecuted community, or a journalist seeking to protect their sources would have a different threshold than a company leader speaking to their team or a politician addressing party members. On an individual level, you might have a different threshold when you’re talking with friends and family in a group chat (one use case), than you would seeking information about reproductive healthcare (another use case), depending on your context.

5. What are some of the technical differences between major messaging platforms that affect our privacy?

There are a number of design factors that affect privacy and security. In evaluating which platform to use, you should ask the following questions:

  • Are all conversations on the platform end-to-end encrypted (E2EE) by default? 
  • If only some services are end-to-end encrypted, which ones are they? How can the feature be activated? 
  • Does the platform back up data in the cloud automatically, or only when you opt in? Is the backup E2EE? 
  • Has the encryption protocol been fully vetted by security researchers?
  • What kind of metadata does the platform collect?

Platforms where all conversations are E2EE by default are more secure by design, as they eliminate any ambiguity about the level of privacy available, and do not place the onus on you to specifically opt-in for enhanced privacy. 

Platforms like Telegram where only certain services are E2EE are inherently less secure, as they leave scope for exposing the content of your messages via the less secure chats or channels you may be engaging on.

The quality of the encryption protocol matters. An important indicator of how reliable and robust an app’s encryption protocol is: whether it is open source and has been vetted and strengthened by security researchers. Notably, Telegram is the only major messaging platform today that uses a proprietary, partially closed-source cryptography protocol, instead of existing mature and tested protocols.

Another issue is how the platform backs up your message data. If a platform is not offering E2EE by default, backing up chats in the cloud can open up an access point to the data. Signal only stores content locally on the device, and there is no backup anywhere else. WhatsApp has a mechanism to back up messages in the cloud in either a non-E2EE or an E2EE format. Telegram does not back up E2EE-protected “Secret Chats”; it backs up other chats (referred to as “Cloud Chats”) and has the decryption key to those backups.

How a platform protects metadata — that is, information about a message, not the content itself — is yet another part of the privacy puzzle. Different platforms, even among those that are E2EE, grant varying degrees of access to metadata, the data about your data. Your metadata can reveal when, how, and with whom you communicate. It can display photos, chat descriptions, and so on. In fact, your metadata can sometimes be even more sensitive than the content of your messages, because it can reveal where you go and what you do, as well as the people you talk to. There are instances of arrests triggered by metadata, and Michael Hayden, former director of the U.S. National Security Agency (NSA) and Central Intelligence Agency (CIA), admitted that law enforcement can even kill people based on metadata. The UN High Commissioner for Human Rights has also underscored its importance for privacy, highlighting that the right to privacy extends to metadata in online spaces.

WhatsApp collects metadata, including information about your location, contact information, data usage, and so on. When WhatsApp made changes to its privacy policy to share sensitive data with its parent company Meta in 2021, it faced an exodus of users. Today, Meta’s AI within WhatsApp can read parts of conversations that mention @MetaAI, and use the exchange to train its AI models. It is not entirely clear how exactly Meta AI works within WhatsApp, and what the precise scope of its impact on privacy could be. People who use WhatsApp can opt out of letting Meta use their data to train its AI models, but Meta does not guarantee that it will not use the data this way; instead, the company says it will “review objection requests in accordance with relevant data protection laws.”

Signal, meanwhile, grants access only to negligible metadata — for example, information about when a user registers for the service. The company keeps the vast majority of metadata encrypted and inaccessible.

It’s not clear to what extent Telegram collects metadata, though its website states that the company collects “metadata such as your IP address, devices and Telegram apps you’ve used, history of username changes, etc.”

Finally, when evaluating platforms for privacy, it’s also important to consider how they function overall. Telegram is more akin to a public social media network than a private messaging platform. It has groups of up to 200,000 members, broadcasting channels with an unlimited number of subscribers, and conversations are not E2EE by default. 

In contrast, Signal is E2EE by default, has limited broadcasting features, and groups can hold only up to 1,000 people.

Like Signal, WhatsApp encrypts messages using E2EE by default. But its groups can have 1,024 members, and the Communities feature for announcements and topic-based interactions can host 2,000 people. When people receive broadcast messages, no one knows who else received the message. 

6. Can platforms use machine learning/AI to scan encrypted content without harming privacy?

No. For example, any type of scanning of content on end-to-end encrypted (E2EE) platforms is fundamentally at odds with the privacy and security promise of E2EE. Using AI to scan the content doesn’t change that.  

Several governments, including the EU, UK, Australia, Sri Lanka, and India are contemplating, or have implemented, legislation requiring communication platforms to proactively detect or intercept certain types of content. There is no categorical exception for E2EE platforms. If this type of legislation is applied to E2EE apps, they would need to implement the ability to scan content on the device (“client-side scanning”). This is not a feature E2EE platforms already have, and building and implementing it would jeopardize the privacy and security of people who rely on these platforms.

Client-side scanning is a security vulnerability that would enable surveillance and could be exploited by a range of actors. It gives control of a person’s device and personal information to entities other than the device owner, compromising the integrity of the devices and encrypted systems.  A client-side scanning mandate is therefore effectively a mandate for disproportionate, generalized, mass surveillance, and represents a severe threat to privacy and security.

While many of these frameworks are premised on the idea of enhancing online safety, they would in fact make the internet less safe for everyone. This is why representatives from multiple encrypted chat apps warned they would leave the UK if they were compelled to implement this kind of scanning.

Some assume that if you use machine learning or AI tools to scan content, you can better protect privacy, because a machine, not a person, is doing the scanning. But the scanning is aimed at revealing what is supposed to be private information. In addition, machine learning and AI are computational systems that rely on collecting hoards of personal data. That in itself is at odds with the privacy promise of encrypted systems. The bottom line is that no surveillance system is privacy-friendly.

7. Where can I find more information on encryption and human rights?

Access Now has published a number of resources on aspects of encryption. We encourage you to read further!