Open Letter: Make DMs Safe

Facebook recently handed over direct messages between a mom and her teenage daughter to police. Now they’re being prosecuted under the state’s anti-abortion law. In an increasingly dangerous world, there’s one simple thing every messaging platform must do right now: make our messages safe using end-to-end encryption.

Sign the open letter: Facebook, Twitter, Google, Apple – and any company with a messaging platform – must protect our private messages and implement default end-to-end encryption immediately.

Thanks for signing the petition!

Please consider sharing this page with your friends and family.

Here’s what you need to know:

  • You might think all your direct messages on Facebook Messenger, Instagram, and Twitter are between you and your friends or family, but they aren’t.
  • Most platforms don’t use end-to-end encryption to protect your messages by default. Without this security, platforms can access your messages and share them with police; hackers can also access them; even employees at Twitter can poke through your inbox.
    • It’s awful to think that the DMs between the teenager and her mom in Nebraska would have been safe if only they had used a default end-to-end encrypted platform like WhatsApp.
  • We can fix this. If enough people demand companies make end-to-end encryption the default, all of our messages can be protected. Facebook is already looking at this for Messenger, it’s been discussed at Twitter; and WhatsApp and Signal are already encrypted by default.
  • We’re in a human rights backslide. Companies must act immediately. Dozens of states have already passed or will pass laws criminalizing all kinds of activities—not just getting an abortion but helping a friend get one, helping someone access abortion pills, and even just sharing information about how to get an abortion. States are also criminalizing gender-affirming healthcare and other acts of bodily autonomy. All of these repressive laws will be prosecuted using unencrypted messages.
  • End-to-end encryption makes everyone safer. Pregnant people, LBGTQ+ people, activists, immigrants, and journalists all benefit enormously from encrypted messaging. It protects you from stalkers, your creepy ex, and identity thieves who might hack into your messages. Everyone should have safe places to communicate with friends and loved ones online.

Sign the letter now: Facebook, Instagram, Twitter, Apple, Google and any company with a messaging platform must implement default end-to-end encryption immediately.

Report:
Where Platforms Stand on End-to-End Encryption

Meta (Facebook & Instagram) Meta
  • Facebook Messenger and Instagram DMs are not end-to-end encrypted by default, though you can turn on end-to-end encryption on a per-chat basis.
  • Meta is testing default end-to-end encryption for Messenger, but says it won’t be available until 2023.
  • Meta-owned WhatsApp is already end-to-end encrypted by default.
Twitter Twitter
  • Twitter DMs are not end-to-end encrypted.
  • The company has discussed end-to-end encryption for DMs in the past but hasn’t announced any plans to implement this feature.
  • Testimony from the recent whistleblower suggests that thousands of Twitter employees likely have access to users’ personal conversations.
Apple Apple
  • iMessage texts are end-to-end encrypted by default when sent between iPhones.
  • Texts between iPhone and Androids are not end-to-end encrypted. To fix this, Apple and Google need to work together. Google has proposed that Apple implement the RCS messaging protocol in iMessage. Apple has thus far refused that request, and suggested that customers "buy their mom an iPhone" if they want to communicate securely with friends and family.
  • Apple iMessage backups are not default end-to-end encrypted.
Slack Slack
  • Slack messages are not end-to-end encrypted.
  • Slack has shrugged off requests to implement end-to-end encryption.
  • There is a process through which employers can request and access employees' Slack messages.
Google Google
  • Google Chat is not end-to-end encrypted.
  • Google Messages (Google’s texting tool) is default end-to-end encrypted when texts are between two Android phones using the Google Messages app.
  • Google plans to roll out end-to-end encryption for group chats on Google Messages (between 3 or more people) by the end of 2022.
Discord Discord
  • Discord messages are not end-to-end encrypted.
  • Discord has considered implementing end-to-end encryption but hasn’t yet announced firm plans to introduce the feature.
Signal Signal
  • Signal messages are end-to-end encrypted by default.
  • Signal also allows users to enable disappearing messages on all new chats.
  • The Signal Protocol is open source and used by platforms including Google Messages and Facebook Messenger.

Encryption FAQ

  • Encryption scrambles a message in a specific way so that a limited number of people can decode and understand it. Some forms of encryption are more secure than others.
  • End-to-end encryption is a specific form of encryption that protects messages all the way from sender to recipient, using special keys that only the sender and recipient have access to.
  • If Person A sends an end-to-end encrypted message to Person B, the information is turned into a scrambled, incomprehensible message. The message stays encrypted the entire time it’s in transit because only Person A and Person B have the proper keys to decode the information and access it. No one else—not the platform you sent it on, your ISP, or a hacker—could decrypt and read the information.

  • End-to-end encryption protects lots of valuable digital information—everything from personal communications and bank account passwords to air traffic control systems, nuclear power plant controls, and our water treatment facilities.
  • End-to-end encryption has been rolled out to more accessible platforms over recent years. You may use it already if you communicate via WhatsApp or Signal, and Zoom made end-to-end encryption available for video meetings.

  • Mostly due to pressure from law enforcement. The FBI, ICE, Attorneys General, lawmakers, and other law enforcement agencies have pushed companies to not implement or even break end-to-end encryption. They’ve used all kinds of scare tactics to frighten companies away from end-to-end encryption projects because they’re afraid of losing their surveillance window into our lives.
  • But security experts, including the leaders of various governmental agencies,  support the use of end-to-end encryption because of the safety it provides.

  • Implementing end-to-end encryption as the default for all messaging platforms would prevent dangers like abuse and harassment without spying on the contents of every message. Meta, Twitter, Google, Apple, Slack, and Discord, as well as any messaging platform, must act quickly to make end-to-end encryption the default for all messages.