WhatsApp is an extremely popular chat app that can fully encrypt conversations, and Facebook’s own COO Sheryl Sandberg says that changing that might actually make things easier for violent extremists, rather than making it easier for police and response forces to track their actions. While the common logic is that removing encryption from WhatsApp would allow government agents to see messages sent with the service, Sandberg pointed out that such a move would simply drive extremists to other encrypted messaging services, and would thus bypass what she deems is a key WhatsApp feature. Unlike many other fully encrypted chat apps, WhatsApp does not encrypt the metadata of messages. This means that a given message cannot be read, but data pertaining to its dispatch time and the identities of chat participants can be seen by third parties.
Sandberg’s argument is theoretically sound, but the simple fact is that encrypted messaging services can prove challenging and cause problems in certain criminal cases. According to Sandberg, Facebook is in talks with worldwide authorities about how to assuage this issue without scaring offenders off of WhatsApp or compromising the security of everyday users. She said that around 4,500 people are already working on possible solutions for this very issue, and around 3,000 more will be joining this effort soon. Those 7,000 agents will form an “online army” of sorts, meant to help find questionable use cases of the service, particularly terrorists. Sandberg also mentioned Facebook’s use of AI to help hunt down hateful or violent messages on WhatsApp and other channels in her recent interview on BBC’s Desert Island Discs radio show.
The U.S. government, for the most part, seems to be pushing for the service, along with most other encryption use cases such as on-device encryption, to have a built-in “backdoor” that would allow them to use a special key to decrypt any data. The problem with this, of course, is the security vulnerabilities that it presents, namely that the key could get leaked, or that the creation of such a key could generate a possible exploit. The backdoor debate is likely to continue until an alternate solution of some sort is found. For the time being, some tech companies may submit or simply stay taciturn on the issue, while others will publicly state their outright refusal to implement such a measure.