WhatsApp will be releasing end-to-end encryption for chat backups as an optional feature and users will have to remember a 64-bit key or choose a password to enable encryption.
The Facebook-owned company has completed building end-to-end encrypted backups for chats and will soon begin rolling out this extra layer of privacy and security protection as an option to users, the company announced on Friday (10). Whatsapp claimed that with end-to-end encrypted backups, no other messaging service operating at WhatsApp’s scale will provide this level of security for people’s messages. The company will be releasing this as an optional feature. In the coming weeks, it will be rolling this out to iOS and Android users who back up their chats to iCloud or Google Drive.
“We are announcing this now to provide the broader technical community with our approach before it’s available to our beta testers and eventually everyday users,” the company said in a statement. “In the coming weeks, we will be adding end-to-end encrypted backups as an additional layer of security for those who want it,” it added. “If someone chooses to back up their chat history with end-to-end encryption, it will be accessible only to them, and no one will be able to unlock their backup, not even WhatsApp.”
In a series of tweets, WhatsApp head Will Cathcart said the company is providing options for users to remember a 64-bit key or choose a password that the company does not know and cannot access (and neither can Apple or Google) in order to enable the encryption.
Cathcart added that WhatsApp believes free societies need the best security to protect people. “Billions of people now have sensitive digital information — like their private messages — and that information is at an increasing risk of being stolen by hackers, criminals, and even hostile states themselves,” he said.·He said that the main feedback the company gets from people is that “they want WhatsApp and others to collect even less data and offer even more privacy”.
This comes at a time when WhatsApp is facing challenges in governments, including in India, where the IT rules mandate platforms to reveal the originator of a message. WhatsApp has challenged the rules in court, calling them unconstitutional.
“Some governments continue to suggest using their powers to require companies to offer weaker security. We think that’s backwards: We should demand more security from companies for people’s sensitive information, not less,” Cathcart said.
WhatsApp’s announcement comes days after a report in ProPublica said even though WhatsApp says it does not see user content, the Facebook-owned company has an extensive monitoring operation and regularly shares personal information with prosecutors.
“WhatsApp provides a way for people to report spam or abuse, which includes sharing the most recent messages in a chat. This feature is important for preventing the worst abuse on the internet. We strongly disagree with the notion that accepting reports a user chooses to send us is incompatible with end-to-end encryption,” a WhatsApp spokesperson said.
ProPublica later said a version of the story caused confusion, and that the company “examines only messages from threads that have been reported by users as possibly abusive. It does not break end-to-end encryption”.
(The News Minute)