Open Letter: Make DMs Safe
In 2022, Facebook handed over abortion-related direct messages between a mom and her teenage daughter to police. Now they’ve been convicted and sentenced under the state’s anti-abortion laws. In an increasingly dangerous world, there’s one simple thing every messaging platform must do right now: make our messages safe using end-to-end encryption.
Sign the open letter: Slack, Discord, Instagram, X – and any company with a messaging platform – must protect our private messages and implement default end-to-end encryption immediately.
Are you an Organization or a Company?
Here’s what you need to know:
- You might think all your direct messages on Instagram, Slack, and Discord are private, between you and your friends, family, and coworkers – but they aren’t.
- Most platforms don’t use end-to-end encryption to protect your messages by default. Without this security, platforms can access your messages and share them with police; hackers can also access them; even employees at X can poke through your inbox.
- It’s awful to think that the DMs between the teenager and her mom in Nebraska would have been safe if only they had used a default end-to-end encrypted platform like WhatsApp.
- We can fix this. If enough people demand companies make end-to-end encryption the default, all of our messages can be protected. We’ve already made huge gains in this fight. In December 2023, Meta officially launched default end-to-end encryption for Messenger, and has committed to rolling out the same feature for Instagram “shortly afterwards.” Discord is experimenting with end-to-end encryption for voice and video calls, and Google and Apple recently announced plans to expand their use of end-to-end encryption. WhatsApp and Signal are already encrypted by default.
- This is not a new problem. The reproductive rights of groups such as Indigenous, Black, and disabled people have been violated and oppressed for decades. Now, that violence is being amplified, with dozens of states considering laws criminalizing all kinds of activities—not just getting an abortion but helping a friend get one, helping someone access abortion pills, and even just sharing information about how to get an abortion. States are also criminalizing gender-affirming healthcare and other acts of bodily autonomy. All of these repressive laws will be prosecuted using unencrypted messages.
- End-to-end encryption makes everyone safer. Pregnant people, LBGTQ+ people, activists, immigrants, and journalists all benefit enormously from encrypted messaging. It protects you from police surveillance, stalkers, your creepy ex, and identity thieves who might hack into your messages. Everyone should have safe places to communicate with friends and loved ones online.
Sign the letter now: Slack, Discord, Instagram, X, Apple, Google and any company with a messaging platform must implement default end-to-end encryption immediately.
Where Platforms Stand on End-to-End Encryption
- Instagram DMs are still not end-to-end encrypted by default (though you can turn on end-to-end encryption on a per-chat basis).
- Meta launched default end-to-end encryption for Facebook Messenger in December 2023, but the company says the roll-out will take a couple of months to complete.
- Meta-owned WhatsApp is already end-to-end encrypted by default.
- Twitter DMs are not end-to-end encrypted.
- Testimony from the recent whistleblower suggests that thousands of Twitter employees likely have access to users’ personal conversations.
- iMessage texts are end-to-end encrypted by default when sent between iPhones.
- Texts between iPhone and Androids are not end-to-end encrypted. However, Apple did announce plans to adopt RCS messaging protocol, which paves the way for end-to-end encrypted messages between different phones. This is big progress from their position in 2022 that customers "buy their mom an iPhone" if they want to communicate securely with friends and family.
- Signal messages are end-to-end encrypted by default.
- Signal also allows users to enable disappearing messages on all new chats.
All the Support:
- Encryption scrambles a message in a specific way so that a limited number of people can decode and understand it. Some forms of encryption are more secure than others.
- End-to-end encryption is a specific form of encryption that protects messages all the way from sender to recipient, using special keys that only the sender and recipient have access to.
- If Person A sends an end-to-end encrypted message to Person B, the information is turned into a scrambled, incomprehensible message. The message stays encrypted the entire time it’s in transit because only Person A and Person B have the proper keys to decode the information and access it. No one else—not the platform you sent it on, your ISP, or a hacker—could decrypt and read the information.
- End-to-end encryption protects lots of valuable digital information—everything from personal communications and bank account passwords to air traffic control systems, nuclear power plant controls, and our water treatment facilities.
- End-to-end encryption has been rolled out to more accessible platforms over recent years. You may use it already if you communicate via WhatsApp or Signal, and Zoom made end-to-end encryption available for video meetings.
- Mostly due to pressure from law enforcement. The FBI, ICE, Attorneys General, lawmakers, and other law enforcement agencies have pushed companies to not implement or even break end-to-end encryption. They’ve used all kinds of scare tactics to frighten companies away from end-to-end encryption projects because they’re afraid of losing their surveillance window into our lives.
- But security experts, including the leaders of various governmental agencies, support the use of end-to-end encryption because of the safety it provides.
- Implementing end-to-end encryption as the default for all messaging platforms would prevent dangers like abuse and harassment without spying on the contents of every message. Meta, Twitter, Google, Apple, Slack, and Discord, as well as any messaging platform, must act quickly to make end-to-end encryption the default for all messages.