Facebook announced today it would roll out optional “end to end encryption” for its Messenger application. The company shared technical details about its implementation of the security in a technical white paper (Warning: PDF) But note the word optional. You have to enable encryption yourself for this announcement to be of value to you.
What’s up with that?
Here’s my guess as to to why Facebook might have gone this route. End to end encryption means that the users at both ends of the conversation have the traffic going back and forth between them encrypted. That means Facebook can’t see what goes back and forth from those users. Which poses a problem for Facebook who mines data that users produce so they can make as much money as possible from it. If end to end encryption was enabled by default, that would cause Facebook to lose some of its revenue stream. If they made end to end encryption optional, and say only 25% of users enabled it, they would still make money off the other 75%. Yes that’s a very cynical view of things. But it is a logical explanation seeing as they were able to switch end to end encryption on with WhatsApp earlier this year with no issues. Thus you have to look at this whole situation and just conclude that it falls firmly in the category called #fail.