How Signal, WhatsApp, Apple, and Google Handle Encrypted Chat Backups

11th May 2025

See Creative Commons article from eff.org By Thorin Klosowski

Encrypted chat apps like Signal and WhatsApp are one of the best ways to keep your digital conversations as private as possible. But if you're not careful with how those conversations are backed up, you can accidentally undermine your privacy.

When a conversation is properly encrypted end-to-end, it means that the contents of those messages are only viewable by the sender and the recipient. The organization that runs the messaging platform--such as Meta or Signal--does not have access to the contents of the messages. But it does have access to some metadata, like the who, where, and when of a message. Companies have different retention policies around whether they hold onto that information after the message is sent.

What happens after the messages are sent and received is entirely up to the sender and receiver. If you're having a conversation with someone, you may choose to screenshot that conversation and save that screenshot to your computer's desktop or phone's camera roll. You might choose to back up your chat history, either to your personal computer or maybe even to cloud storage (services like Google Drive or iCloud, or to servers run by the application developer). Those backups do not necessarily have the same type of encryption protections as the chats themselves, and may make those conversations--which were sent with strong, privacy-protecting end-to-end encryption--available to read by whoever runs the cloud storage platform you're backing up to, which also means they could hand them over at the request of law enforcement.

With that in mind, let's take a look at how several of the most popular chat apps handle backups, and what options you may have to strengthen the security of those backups.

How Signal Handles Backups
The official Signal app doesn't offer any way to back up your messages to a cloud server (some alternate versions of the app may provide this, but we recommend you avoid those, as there don't exist any alternatives with the same level of security as the official app). Even if you use a device backup, like Apple's iCloud backup, the contents of Signal messages are not included in those. Instead, Signal supports a manual backup and restore option. Basically, messages are not backed up to any cloud storage, and Signal cannot access them, so the only way to transfer messages from one device to another is manually through a process that Signal details here. If you lose your phone or it breaks, you will likely not be able to transfer your messages.

How WhatsApp Handles Backups

WhatsApp can optionally back up the contents of chats to either a Google Account on Android, or iCloud on iPhone, and you have a choice to back up with or without end-to-end encryption. Here are directions for enabling end-to-end encryption in those backups. When you do so, you'll need to create a password or save a 64-digit key.

How Apple's iMessages Handles Backups

Communication between people with Apple devices using Apple's iMessage (blue bubbles in the Messages app) is end-to-end encrypted, but the backups of those conversations are not end-to-end encrypted by default. This is a loophole we've routinely demanded Apple close. The good news is that with the release of the Advanced Data Protection feature, you can optionally turn on end-to-end encryption for almost everything stored in iCloud, including those backups (unless you're in the U.K., where Apple is currently arguing with the government over demands to access data in the cloud, and has pulled the feature for U.K. users).

How Google Messages Handles Backups

Similar to Apple iMessages, Google Messages conversations are end-to-end encrypted only with other Google Messages users (you'll know it's enabled when there's a small lock icon next to the send button in a chat). You can optionally back up Google Messages to a Google Account, and as long as you have a passcode or lock screen password, the backup of the text of those conversations is end-to-end encrypted. A feature to turn on end-to-end encrypted backups directly in the Google Messages app, similar to how WhatsApp handles it, was spotted in beta last year but hasn't been officially announced or released.

Everyone in the Group Chat Needs to Get Encrypted
Note that even if you take the extra step to turn on end-to-end encryption, everyone else you converse with would have to do the same to protect their own backups. If you have particularly sensitive conversations on apps like WhatsApp or Apple Messages, where those encrypted backups are an option but not the default, you may want to ask those participants to either not back up their chats at all, or turn on end-to-end encrypted backups.

Ask Yourself: Do I Need Backups Of These Conversations?

Of course, there's a reason people want to back up their conversations. Maybe you want to keep a record of the first time you messaged your partner, or want to be able to look back on chats with friends and family. There should not be a privacy trade-off for those who want to save those conversations, but unfortunately you do need to weigh whether or not it's worth saving your chats with the potential of them being exposed in your security plan.

But also it's worth considering that we don't typically need every conversation we have stored forever. Many chat apps, including WhatsApp and Signal, offer some form of disappearing messages, which is a way to delete messages after a certain amount of time. This gets a little tricky with backups in WhatsApp. If you create a backup before a message disappears, it'll be included in the backup, but deleted when you restore later. Those messages will remain there until you back up again, which may be the next day, or may not be for many days, if you don't connect to Wi-Fi.

You can change these disappearing messaging settings on a per-conversation basis. That means you can choose to set the meme-friendly group chat with your friends to delete after a week, but retain the messages with your kids forever. Google Messages and Apple Messages don't offer any such feature--but they should, because it's a simple way to protect our conversations that gives more control over to the people using the app.

End-to-end encrypted chat apps are a wonderful tool for communicating safely and privately, but backups are always going to be a contentious part of how they work. Signal's approach of not offering cloud storage for backups at all is useful for those who need that level of privacy, but is not going to work for everyone's needs. Better defaults and end-to-end encrypted backups as the only option when cloud storage is offered would be a step forward, and a much easier solution than going through and asking every one of your contacts how or if they back up their chats.

Launching Default End-to-End Encryption on Messenger

8th December 2023

See article from about.fb.com By Loredana Crisan, Head of Messenger

I'm delighted to announce that we are rolling out default end-to-end encryption for personal messages and calls on Messenger and Facebook, as well as a suite of new features that let you further control your messaging experience. We take our responsibility to protect your messages seriously and we're thrilled that after years of investment and testing, we're able to launch a safer, more secure and private service.

Since 2016, Messenger has had the option for people to turn on end-to-end encryption, but we're now changing private chats and calls across Messenger to be end-to-end encrypted by default. This has taken years to deliver because we've taken our time to get this right. Our engineers, cryptographers, designers, policy experts and product managers have worked tirelessly to rebuild Messenger features from the ground up. We've introduced new privacy, safety and control features along the way like delivery controls that let people choose who can message them, as well as app lock, alongside existing safety features like report, block and message requests. We worked closely with outside experts, academics, advocates and governments to identify risks and build mitigations to ensure that privacy and safety go hand-in-hand.

The extra layer of security provided by end-to-end encryption means that the content of your messages and calls with friends and family are protected from the moment they leave your device to the moment they reach the receiver's device. This means that nobody, including Meta, can see what's sent or said, unless you choose to report a message to us.

End-to-end encryption gives people more secure chats in Messenger. These chats will not only have all of the things people know and love, like themes and custom reactions, but also a host of new features we know are important for our community. These new features will be available for use immediately, though it may take some time for Messenger chats to be updated with default end-to-end encryption.

5th January 2022

Encrypted messaging app Signal is set to enable untraceable crypto payments. Will governments allow this? By Casey Newton
See article from theverge.com

27th July 2021

Europol and a New York DA call for an end to internet users' safety as enabled by encrypted communications
See article from politico.eu

29th December 2019

Fancy New Terms, Same Old Backdoors: The Encryption Debate in 2019. By Joe Mullin
See article from eff.org

29th May 2019

Facebook Is Already Working Towards Germany's End-to-End Encryption Backdoor Vision
See article from forbes.com

International standards organisation fends off US pressure to implement seemingly backdoored US encryption standards for the Internet of Things

26th April 2018

See article from theregister.co.uk

Two new encryption algorithms developed by the US NSA have been rejected by an international standards body amid accusations of threatening behavior. The Simon and Speck cryptographic tools were designed for encryption of the Internet of Things and were intended to become a global standard. But the pair of techniques were formally rejected earlier this week by the International Organization of Standards (ISO) amid concerns that they contained a backdoor that would allow US spies to break the encryption.

The process was also marred by complaints from encryption experts of threatening behavior from American snoops. When some of the design choices made by the NSA were questioned by experts, the US response was to personally attack the questioners. While no one has directly accused the NSA of inserting backdoors into the new standards, that was the clear suspicion, particularly when it refused to give what experts say was a normal level of technical detail. It took 3 years for the ISO to extract technical details about the encryption. But by then the trust had been undermined and the vote went against the standards at a meeting in the US late last year.

Hungary proposes that people should be denied the security of encryption and be more open to scammers and thieves

10th April 2016

See article from boingboing.net

The Hungarian ruling party wants to ban all working crypto. The parliamentary vice-president from Fidesz has asked parliament to:

Ban communication devices that [law enforcement agencies] are not able to surveil despite having the legal authority to do so.

Since any working cryptographic system is one that has no known vulnerabilities, whose key length is sufficient to make brute force guessing impractical within the lifespan of the universe, this amounts to a ban on all file-level encryption and end-to-end communications encryption, as well as most kinds of transport encryption (for example, if your browser makes an SSL connection to a server that the Hungarian government can't subpoena, it would have no means of surveilling your communication).

The US proposes that people should be denied the security of encryption and be more open to scammers and thieves

10th April 2016

See article from theregister.co.uk

A draft copy of a US law to criminalize strong encryption has been leaked online. And the internet is losing its shit. The proposed legislation hasn't been formally published yet: the document is still being hammered out by the Senate intelligence select committee. The proposal reads:

The underlying goal is simple, when there's a court order to render technical assistance to law enforcement or provide decrypted information, that court order is carried out. No individual or company is above the law. We're still in the process of soliciting input from stakeholders and hope to have final language ready soon.

The draft legislation, first leaked to Washington DC insider blog The Hill, is named the Compliance with Court Orders Act of 2016, and would require anyone who makes or programs a communications product in the US to provide law enforcement with any data they request in an intelligible format, when presented with a court order.

The bill stems from Apple's refusal to help the FBI break into the San Bernardino shooter's iPhone, but goes well beyond that case. The bill would require companies to either build a backdoor into their encryption systems or use an encryption method that can be broken by a third party.

One example of the tech community response was from computer forensics expert Jonathan Zdziarski, who said:

The absurdity of this bill is beyond words. Due to the technical ineptitude of its authors, combined with a hunger for unconstitutional governmental powers, the end result is a very dangerous document that will weaken the security of America's technology infrastructure.

Update: Pakistan and Turkey too

12th April 2016. See article from vocativ.com

At least two other countries--Pakistan and Turkey--already have versions of such laws on the books. The Pakistan Telecommunications Authority has previously instructed the country's internet service providers to ban encrypted communication, though it's largely VPN use, which can be used to circumvent location-based internet censorship, that has been actively restricted there, and WhatsApp is still popular. Turkey takes the anti-encryption law on its books more seriously, and used it to initially charge Vice journalists arrested in southeastern Turkey in September 2015.

Meanwhile, France's National Assembly passed a bill in May to update its Penal Code to fine companies that don't find a way to undo their own encryption when served with a warrant in a terrorism investigation. The French? Senate version of this bill excludes this provision, and seven members from each house will now begin a compromise.

Update: Bill stalls

13th May 2016. See article from click.actionnetwork.org

Thanks to the attention brought to the importance of encryption via Apple vs FBI from Fight for the Future and other strong voices, Compliance with Court Orders Act of 2016 - one of the worst national security bills ever drafted - is stalled.

WhatsApp announces the use of encryption for all calls and file transfers

6th April 2016

See article from bbc.com
See article from independent.co.uk

Messaging app WhatsApp has announced that it has added encryption for all voice calls and file transfers for all users. It renders messages generally unreadable if they are intercepted, for example by criminals or law enforcement. No doubt if the security services throw all their computing might at a message then they may be able to decrypt it by brute force.

The Facebook-owned company said protecting private communication of its one billion users worldwide was one of its core beliefs. WhatsApp said:

The idea is simple: when you send a message, the only person who can read it is the person or group chat that you send that message to. No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us.

Users with the latest version of the app were notified about the change when sending messages on Tuesday. The setting is enabled by default. Users should be aware that snoopers can still see a whole host of non-content data about the communication, such as who was using the app, who was being called, and for how long.

Amnesty International called the move a huge victory for free speech:

WhatsApp's roll out of the Signal Protocol, providing end to end encryption for its one billion users worldwide, is a major boost for people's ability to express themselves and communicate without fear. This is a huge victory for privacy and free speech, especially for activists and journalists who depend on strong and trustworthy communications to carry out their work without putting their lives at greater risk.

An open letter to the leaders of the world's governments signed by organizations, companies, and individuals

23rd January 2016

Sign the petition from securetheinternet.org

An open letter to the leaders of the world's governments SIGNED by organizations, companies, and individuals:

We encourage you to support the safety and security of users, companies, and governments by strengthening the integrity of communications and systems. In doing so, governments should reject laws, policies, or other mandates or practices, including secret agreements with companies, that limit access to or undermine encryption and other secure communications tools and technologies.

- Governments should not ban or otherwise limit user access to encryption in any form or otherwise prohibit the implementation or use of encryption by grade or type;
- Governments should not mandate the design or implementation of "backdoors" or vulnerabilities into tools, technologies, or services;
- Governments should not require that tools, technologies, or services are designed or developed to allow for third-party access to unencrypted data or encryption keys;
- Governments should not seek to weaken or undermine encryption standards or intentionally influence the establishment of encryption standards except to promote a higher level of information security. No government should mandate insecure encryption algorithms, standards, tools, or technologies; and
- Governments should not, either by private or public agreement, compel or pressure an entity to engage in activity that is inconsistent with the above tenets.

Organizations

Access Now, ACI-Participa, Advocacy for Principled Action in Government, Alternative Informatics Association, Alternatives, Alternatives Canada, Alternatives International,
American Civil Liberties Union, American Library Association, Amnesty International, ARTICLE 19, La Asociación Colombiana de Usuarios de Internet, Asociación por los Derechos Civiles, Asociatia pentru Tehnologie si Internet (ApTI), Association for
Progressive Communications (APC), Association for Proper Internet Governance, Australian Lawyers for Human Rights, Australian Privacy Foundation, Benetech, Bill of Rights Defense Committee, Bits of Freedom, Blueprint for Free Speech, Bolo Bhi, the Centre
for Communication Governance at National Law University Delhi, Center for Democracy and Technology, Center for Digital Democracy, Center for Financial Privacy and Human Rights, the Center for Internet and Society (CIS), Center for Media, Data and Society
at the School of Public Policy of Central European University, Center for Technology and Society at FGV Rio Law School, Chaos Computer Club, CivSource, Committee to Protect Journalists, Constitutional Alliance, Constitutional Communications, Consumer
Action, Consumer Federation of America, Consumer Watchdog, ContingenteMX, Courage Foundation, Críptica, Datapanik.org, Defending Dissent Foundation, Digitalcourage, Digitale Gesellschaft, Digital Empowerment Foundation, Digital Rights Foundation, DSS216,
Electronic Frontier Finland, Electronic Frontier Foundation, Electronic Frontiers Australia, Electronic Privacy Information Center, Engine, Enjambre Digital, Eticas Research and Consulting, European Digital Rights, Fight for the Future, Föreningen för
digitala fri- och rättigheter (DFRI), Foundation for Internet and Civic Culture (Thai Netizen Network), Freedom House, Freedom of the Press Foundation, Freedom to Read Foundation, Free Press, Free Press Unlimited, Free Software Foundation, Fundacion
Acceso, Future of Privacy Forum, Future Wise, Globe International Center, The Global Network Initiative (GNI), Global Voices Advox, Government Accountability Project, Hiperderecho, Hivos, Human Rights Foundation, Human Rights Watch, Institute for
Technology and Society of Rio (ITS Rio), Instituto Demos, the International Modern Media Institute (IMMI), International Press Institute (IPI), Internet Democracy Project, IPDANDETEC, IT for Change, IT-Political Association of Denmark, Jonction, Jordan
Open Source Association, Just Net Coalition (JNC), Karisma Foundation, Keyboard Frontline, Korean Progressive Network Jinbonet, Localization Lab, Media Alliance, Modern Poland Foundation, Movimento Mega, Myanmar ICT for Development Organization (MIDO),
Net Users' Rights Protection Association (NURPA), New America's Open Technology Institute, Niskanen Center, One World Platform Foundation, OpenMedia, Open Net Korea, Open Rights Group, Panoptykon Foundation, Paradigm Initiative Nigeria, Patient Privacy
Rights, PEN American Center, PEN International, Pirate Parties International, Point of View, Privacy International, Privacy Rights Clearinghouse, Privacy Times, Protection International, La Quadrature du Net, R3D (Red en Defensa de los Derechos
Digitales), R Street Institute, Reinst8, Restore the Fourth, RootsAction.org, Samuelson-Glushko Canadian Internet Policy & Public Interest Clinic (CIPPIC), Security First, SFLC.in, Share Foundation, Simply Secure, Social Media Exchange (SMEX),
SonTusDatos (Artículo 12, A.C.), Student Net Alliance, Sursiendo; Comunicación y Cultura Digital, Swiss Open Systems User Group /ch/open, TechFreedom, The Tor Project, Tully Center for Free Speech at Syracuse University, Usuarios Digitales, Viet Tan,
Vrijschrift, WITNESS, World Privacy Forum, X-Lab, Xnet, Zimbabwe Human Rights Forum