So it’s all over the information security and online safety spaces. And it’s wrong.
Timeline: Part 1
Facebook’s Antigone Davis wrote this in the Telegraph — regrettably paywalled, but I obtained access in order to go have a look:
We’re taking our time to get this right and we don’t plan to finish the global rollout of end-to-end encryption by default across all our messaging services until sometime in 2023.
That sounds pretty reasonable to me. How about to you?
Yeah, that’s what I thought.
It’s a lot of work, and 2023 is only … 15 months away?
Code takes time to do, and there’s no mention of the word “delay” on that page.
Timeline: Part 2
Then the Telegraph’s technology editor “James Titcombe” decided that he was going to rewrite than and editorialise Davis’ posting as some sort of climb-down:
Facebook has delayed plans to encrypt users’ private messages after warnings from campaigners that the changes will make it harder to catch child abuse. Antigone Davis, the technology company’s head of safety, said the controversial changes would now not happen until 2023 at the earliest.
…so, okay, maybe James has a source that we’re not aware of which somehow committed Facebook to a 2022 launch versus 2023, but anyone who works in software knows about product ship dates being movable feasts.
And in any case:
Timeline: Flashback to 2020!
Back in January 2020, Andy Greenberg posted this at Wired:
Facebook Says Encrypting Messenger by Default Will Take Years
Mark Zuckerberg promised default end-to-end encryption throughout Facebook’s platforms. Nearly a year later, Messenger’s not even close.
…and if you want to read the whole thing, either pay Wired or open the link in an incognito window.
It literally says “Encrypting Facebook Messenger alone represents a Herculean technical challenge. According to one of the Facebook engineers leading the effort, a version of Messenger that’s fully end-to-end encrypted by default remains years away.”
The article also says this, which I shall just screencap because I am lazy:
So… 2020 + “years” could mean 2022, but I wouldn’t be surprised at a bit longer.
What are we to make of this?
The Telegraph has a real downer on encryption at the moment — only a few weeks ago they trashed Frances Haugen’s positive perspective on end-to-end encryption in pursuit of an agenda which only they know:
However: it really serves the political debate of the moment to frame this as a climb-down; the people who do not want Facebook/Meta to provide better communications security are in need of a boost, especially with the UK Online Safety Bill attracting so much flak for its ludicrous scope, to mention but one thing.
And so we’re all on Twitter shouting about “how dreadful it is that Facebook is delaying E2EE” but actually what we’re doing is feeding a side-show debate about whether we should be having E2EE at all — and in doing so we are empowering both sides of the debate, by buying into the Telegraph’s frame that the need for E2EE is still up for discussion.
We — all of us who are in favour of encryption — we all got pwned, folks.
Leave a Reply