Meta delays message encryption on Facebook and Instagram to 2023
Meta, the parent company that owns Facebook and Instagram, has said that messaging encryption on the apps will be pushed to 2023, following child safety concerns.
The company had earlier said that encryption for Facebook and Instagram would happen by 2022 at the latest.
The decision came almost 18 months after a global coalition of 130 child protection organisations raised the alarm over the dangers of end-to-end encryption to children.
End-to-end encryption works by essentially ‘scrambling’ the data while it travels between phones and other devices. The only way to read encrypted messages would be to get physical access to an unlocked device that sent or received it.
End-to-end encryption ensures that apart from the sender and receiver, no third party can read the messages — including the police and Meta itself.
While encryption might seem like a good thing from a privacy perspective, children’s safety groups and politicians rightly worry that it could hamper police investigations into child abuse.
Private messaging ‘is the front line of child sexual abuse’ according to the National Society for the Prevention of Cruelty to Children (NSPCC). UK Home Secretary Priti Patel has also criticised message encryption, saying that it could ‘severely hamper’ law enforcement in pursuing criminal activity, including online child abuse.
Meta already uses end-to-end encryption on its WhatsApp messaging service and voice and video calls have already been encrypted on Facebook Messenger.
‘People expect their private communications to be secure and to only be seen by the people they’ve sent them to – not hackers, criminals, over-reaching governments or even the people operating the services they’re using,’ said Meta chief, Mark Zuckerberg earlier in defence of encryption.
However, Meta’s apps are used by 2.8 billion people every day. In 2020, more than 21 million referrals of child sexual abuse globally came from the tech industry to the US National Center for Missing and Exploited Children.
More than 20 million of those reports came from Facebook.
‘Facebook is right not to proceed with end-to-end encryption until it has a proper plan to prevent child abuse going undetected on its platforms,’ said the NSPCC’s head of child safety online policy, Andy Burrows.
NSPCC’s Freedom of Information requests to 46 police forces across England, Wales, and Scotland found that more than 9,470 instances of child sex abuse images and online child sex offences were reported to the police and 52% of these took place on Meta-owned apps.
Over a third of the cases took place on Instagram and 13% on Facebook and Messenger, with very few occurring over WhatsApp.
Meta’s plans to expand encryption to its other apps like Facebook Messenger and Instagram direct messages could worsen the distribution of child abuse imagery or online grooming on the platforms.
Antigone Davis, Meta’s global head of safety, wrote in The Telegraph on Saturday that the delay in implementing encryption was because the company wanted to ‘protect people’s private communications and keep people safe online’.
‘We believe people shouldn’t have to choose between privacy and safety, which is why we are building strong safety measures into our plans and engaging with privacy and safety experts, civil society and governments to make sure we get this right,’ said Davis.
Meta’s new approach will focus on ‘preventing harm from happening in the first place, giving people more control, and quickly responding should something occur’.
The company is also taking extra steps to protect children by defaulting them into private or ‘friends only’ accounts and restricting adults from messaging them if they aren’t already connected. It will also educate young people with ‘in-app tips on avoiding unwanted interactions’.
Earlier this year, Meta rolled out controls to let people decide who could interact with them. People can also automatically filter Direct Message requests on Instagram which contain potentially offensive words, phrases and emojis.
Meta is also encouraging people to report harmful messages by prompting them to do so when we think there could be a problem.
‘Where we find abuse, we make referrals to the authorities and respond swiftly to valid requests for data to support law enforcement investigations,’ said Davis.
The tech giant will now use a combination of non-encrypted data across its apps, account information and reports from users to keep them safe while assisting public safety efforts. This is similar to how reports to child safety authorities from WhatsApp are made.
The timing of the announcement coincides with the UK’s Online Safety Bill, which will become law around 2023 and require tech companies to protect children from harmful content and prevent abuse on their platforms.
Melanie Dawes, head of Ofcom, the regulator responsible for enforcing the Bill, said that social media companies should ban adults from directly messaging children or face criminal sanctions.
With the storm of bad press the company is receiving at the moment, it looks like pausing talks of encryption for the safety of children is a safer move for the company.
What is Ofcom and what does it cover?
Ofcom is the regulator for the communications services that we use and rely on each day.
The watchdog makes sure people get the best from their broadband, home phone and mobile services, as well as keeping an eye on TV and radio.
Ofcom deals with most content on television, radio and video-on-demand services, including the BBC. However, if your complaint is about something you saw or heard in a BBC programme, you may need to complain to the BBC first.
Its rules for television and radio programmes are set out in the Broadcasting Code.
The rules in the Broadcasting Code also apply to the BBC iPlayer.
This Broadcasting Code is the rule book that broadcasters have to follow and it covers a number of areas, including; protecting the under-18s, protecting audiences from harmful and/or offensive material and ensuring that news, in whatever form, is reported with due accuracy and presented with due impartiality.
Audiences can complain to Ofcom if they believe a breach of the Broadcasting Code has been made.
Every time Ofcom receives a complaint from a viewer or listener, they assess it to see if it needs further investigation.
If Ofcom decide to investigate, they will include the case in a list of new investigations, published in the Broadcast and On Demand Bulletin.
An investigation is a formal process which can take some time depending on the complexity of the issues involved.
Ofcom can also launch investigations in the absence of a complaint from a viewer or listener.