Facebook and Messenger to automatically encrypt messages


All Facebook and Messenger chats will be encrypted automatically, parent company Meta has announced.

Messages and calls protected by end-to-end encryption (E2EE) can be read only by the sender and recipient.

It has been possible to opt in to encrypted messages for years, but now it will become the default position.

Critics, including the UK government and police, claim the move to default encryption will make it harder to detect child sexual abuse on Messenger.

The Home Secretary, James Cleverly, said he was "incredibly disappointed" by Meta's decision after working together to tackle other online harms.

"We'll continue to work closely with them (Meta) to keep children safe online, but we must be honest that in our view, this is a significant step back", he said.

James Babbage, director general for threats at the National Crime Agency, was also highly critical.

"It is hugely disappointing that Meta is choosing to roll out end-to-end encryption on Facebook Messenger.

"Today our role in protecting children from sexual abuse and exploitation just got harder," he said.

Privacy and safety

The switch to encryption meant nobody, including Meta, could see what was sent or said, "unless you choose to report a message to us", Loredana Crisan, head of Messenger, wrote in a post announcing the change.

The company had worked with outside experts, academics, advocates and governments to identify risks to "ensure that privacy and safety go hand-in-hand", she wrote.

It is expected that messages in Instagram, also owned by Meta, may get encryption by default sometime in the new year.

Meta says that people will know when their chats are upgraded and become encrypted because they will be prompted to set up a recovery method to be able to restore their messages if they lose, change, or add a device.

Apps including iMessage, Signal, and WhatsApp all protect the privacy of messages with E2EE, but the tech has become a political battleground.

The apps and their supporters argue the tech protects privacy and security, including that of children.

But law enforcement, major children's charities, and the government have opposed the expansion of E2EE.

New powers in the recently passed Online Safety Act could enable Ofcom to force tech companies to scan for child abuse material in encrypted messages. Signal and WhatsApp have said they will refuse to comply with such requests.

But despite those powers, there has been continued pressure on Meta to hold the expansion of E2EE.

In September then Home Secretary, Suella Braverman, alleged that Facebook Messenger and Instagram direct messages were the platforms of choice for online pedophiles, telling the BBC that "we are arresting in this country about 800 perpetrators a month, we are safeguarding about 1,200 children a month from this evil crime".