Tech titans seem to advocate for our privacy – but how genuine is it?
We often hear companies and governments talk about encryption – some favouring it and others against it. While we associate the term with increased privacy, which is true, but it doesn’t represent the whole picture.
What’s end-to-end encryption?
When text is encrypted, it’s scrambled into data that’s unreadable to prying eyes. Such data can only be read using a decryption key which deciphers the data back into legible text. End-to-end encryption further enhances data protection by ensuring that the keys to unlock the data are stored only on the receiving device, meaning that companies can’t decrypt the data if they wanted to.
In short, it means that only the sender and the recipient can read the content of a message.
Encryption is crucial for privacy, yet it remains one of the most controversial aspects of online security. For the past few years, we’ve seen politicians and tech executives battle over encryption, with governments complaining that it makes it harder for them to catch criminals.
Governments vs Tech
Earlier this year, the UK’s Home Secretary, Priti Patel, warned that end-to-end encryption makes it difficult to combat criminal activity, claiming that messaging apps are “the frontline of child sexual abuse”. She then went after Facebook for pursuing such encryption in their services.
Facebook argued that such security is necessary to keep people safe from hackers.
Conflicts between governments and tech companies are not new.
In 2016, Apple publicly opposed an order by the FBI to build a custom operating system that would allow the agency to unlock a terrorist’s iPhone. What’s surprising in this case is that Facebook isn’t known for prioritising its customers’ privacy, yet here it is advocating for increased encryption in its apps.
So why would a company that profits on customer data go through such trouble encrypting it? Metadata!
Facebook’s encryption loophole
Facebook may scramble the actual content of your messages, but it still collects enough data on you through additional content known as metadata. This can include who you’re messaging, what time you messaged them, the type of message, your location, and more.
As a result, you may send a picture to your friend on WhatsApp while you’re inside Villagio. Facebook won’t know the image’s content, but it knows you sent a picture at this specific location.
An even more uncomfortable scenario occurs when metadata is linked to your online activity. You may read an article about a health issue and share it with a friend on WhatsApp. Facebook can’t directly see what link you shared, but it may know what link you just read, a timestamp of when you read it, and a timestamp of the message you sent your friend. Combining such data can help Facebook figure out what link you just shared without even needing to decrypt your message in the first place.
Despite the limitations of end-to-end encryption, it still offers significantly more privacy than if it were abandoned altogether.
That’s precisely why governments around the world use encrypted messaging channels for communication. Often, these are the same governments that try to take away our right to private conversations.
A double standard
The hypocrisy in government agencies has not gone unnoticed, and for tech experts, it’s frustrating to watch politicians fight against encryption without actually understanding how it works or realising that their jobs depend on it.
Last year, the UK’s security agency, MI5, asked tech companies to grant it access to encrypted data “on an exceptional basis.” Tech journalists were quick to point out that this entirely defeats the concept of end-to-end encryption.
Governments have tried banning encryption altogether by introducing laws restricting digital privacy. This often backfires as it accidentally encourages people to use VPNs or other means of accessing the internet without any governmental supervision.
Our online activity is the single largest source of personal data. This pool of data increased as the pandemic accelerated our growing reliance on online communication.
Unencrypted messages are the equivalent of having someone eavesdrop on everything we say. In fact, it’s even worse than that because our digital conversations are often permanently stored and exposed to hackers.
End-to-end encryption is a necessary tool to safeguard our online communication. Sure, it doesn’t mean that our data is entirely private, but it’s a massive step in the right direction.