What is end-to-end encryption or encrypted messages?
Encryption is a process where digital data is “translated” using an algorithm that makes the original information unreadable. End-to-end encrypted messages ensure only you and the person you’re communicating with can read what’s sent – nobody in between. In other words, encrypted messages prevent anyone from viewing your conversations who isn’t in the conversation.
When messages are unencrypted, they can be monitored by someone else. This monitoring could happen for a number of reasons including platforms investigating abuse allegations.
How does encryption work?
Each message that is sent is secured with a virtual “lock” and only the receiver and sender have the special “keys” or permissions to unlock it and read the message. This already happens automatically on a range of apps and platforms.
What popular apps use encryption?
Currently, the most popular apps that use end-to-end encryption are WhatsApp, Telegram and Apple’s iMessage and FaceTime. Facebook Messenger offers you an option to turn encryption on in the form of Secret Conversations.
Is every message I send and receive via phone encrypted?
No. Popular apps like the ones above offer encryption and so do some lesser-known apps. People may choose an app specifically because of its encryption capabilities.
The debate in favour of end-to-end encryption
Meta, formerly Facebook, has notably come out in favour of end-to-end encryption, or E2EE, for all of its messaging products. Head of Policy Management at Facebook, Monika Bickert, said, “We want to make sure that we are providing an experience that keeps people safe, especially for the crimes that are most at home, and most serious to them.” If messages and attachments are sent and received using E2EE, they cannot be viewed by anyone outside of the message. This means images and content in these messages cannot be accessed by outside parties and shared or abused.
The Information Commissioner’s Office (ICO) has also come out in support of end-to-end encryption. “It strengthens children’s online safety by not allowing criminals and abusers to send them harmful content or access their pictures or location,” says ICO’s executive director for innovation and technology, Stephen Bonner. ICO believes that delaying the encryption of these messaging apps leaves everyone at risk.
The debate against end-to-end encryption
Other organisations have come out against E2EE. Police and other child safety advocates worry that encryption creates a digital hiding place for sexual predators. If they can hide behind encrypted messaging, it is argued, they could share sexual abuse images with other predators and go unnoticed.
A campaign funded by the Home Office and supported by abuse survivors also warns that strong encryption prevents law enforcement from taking action against online abusers. While charities like the NSPCC agree that E2EE has its merits, more needs to be done to ensure that platforms “balance the privacy and safety requirements of all users, including young people.” The campaign, No Place to Hide, is a call to ensure that companies do not offer E2EE until changes are made to make sure children aren’t left vulnerable to sexual abuse online.
Steps to keep children safe online
Whatever the opinion on E2EE, all organisations agree that children and young people’s safety is their priority. Encryption isn’t the only safety tool available. Here are some actions you can take to keep your child safe online:
- Set parental controls: help your child have a safe and happier experience to explore their curiosity online. Ensure to set up parental controls to manage who they speak, what kinds of content they can see and more.
- Have regular check-ins: conversations about what your child is doing and who they are speaking to helps you stay on top of their online lives and keep them safe.
- Be aware of age restrictions: many apps and platforms have age limits. Check that your child isn’t using something meant for older teens or adults. See our Apps & Platforms articles for more information.
- Complete a device health check: if it’s been awhile since you’ve checked parental controls and other settings, complete a health check on your child’s device to ensure security features are up-to-date.