With this statement, Musk engaged in a long-running debate among technologists and privacy advocates about what level of encryption apps and platforms it should provide to its users. Rising privacy concerns have led to questions about how much tech companies collect user data, and several platforms — including the messaging app Signal that Musk noted — have begun touting end-to-end encryption as a key feature.
This ability means that communications can only be seen by senders and recipients, without the platform being able to access them. While some apps, such as Signal and WhatsApp, have end-to-end encryption by default, others including Telegram, Instagram, and Facebook Messenger allow users to sign up for encrypted messages.
Twitter did not respond to a request for comment.
“It would be an important step in favor of user privacy if Twitter were to run [end-to-end encryption] For DMs, because it would prevent the company from reading its users’ conversations or revealing them to anyone else,” Rihanna Pfefferkorn, a researcher at Stanford Internet Observatory whose work focuses on cryptography, told CNN Business that the company should link them. Her hands in this way will prevent any bad actors within the company from abusing their access as an employee to user data.”
The fact that the influential platform will now be under new ownership raises new questions about what data it has access to.
Hours after Musk announced he would take over Twitter, Oregon Senator Ron Wyden — a longtime advocate of digital privacy — issued another warning.
“Twitter is used in this type of live chat less than Signal, SMS, WhatsApp and Telegram,” he said. “It’s semi-public.”
And Twitter’s architecture — a single platform that includes public tweets and direct messages, and can be accessed on its website as well as mobile apps across multiple operating systems — could make end-to-end encryption more complex than early mobile messaging platforms like Signal, according to Deirdre Connolly, an engineer. encrypt.
“No web service has successfully cashed end-to-end encrypted messages on it – after its initial deployment –,” Connolly said, adding that most of the apps it offers either started from a mobile platform and expanded, or “designed web and mobile apps for [end-to-end encrypted] Messaging from the start.
“Building a secure web application that runs in a modern, patched web browser is a fundamentally different and more difficult task than doing the same on the desktop or especially on a mobile phone,” she said. “They haven’t done it yet because it’s hard. Really hard.”
Twitter and other companies often have policies and controls in place to prevent unauthorized access to private messages. But encrypting these messages “bypasses policy or access controls by making access impossible in the first place.” [and] It will also limit the information that a malicious third party can obtain about a particular user, whether that be a hacker or someone pretending to be law enforcement,” Pfefferkorn said.
Altogether, [end-to-end encryption] For DMs it would be a net gain for user privacy and security.”