CybersecurityI report and analyse breaking cybersecurity and privacy stories


With the news that WhatsApp and Instagram are to merge ‘under the hood’ with Facebook Messenger to create a unified messaging platform, the focus is quickly switching to what this means for user privacy. Mark Zuckerberg has stated that he wants the new platform that integrates WhatsApp, Facebook and Instagram messaging to be end-to-end encrypted but that may well not be as easy to implement as he thinks, if possible at all. Indeed, I have my doubts as to whether it is something that Facebook really wants given how important data visibility is to the business model of the social network.

Of the three messaging services, currently only WhatsApp supports end-to-end encryption by default while Facebook Messenger users need to switch the ‘secret conversations’ feature on and Instagram users get no such option at all. Here’s the thing then: what happens if, for example, an Instagram user (or a Facebook Messenger user with secret conversations toggled off) messages a WhatsApp user? There will be an expectation from the WhatsApp user that all their messages are encrypted across the entire communication process, but Instagram messages aren’t encrypted at the moment. Will the new platform impose default end-to-end encryption for all users regardless of which service they are actually using?