Elon Musk has been spitting a lot of ‘idea-balls’ against the wall since his Twitter takeover was announced. One of the most applauded, yet at the same time somewhat controversial, being the introduction of end-to-end encrypted direct messages to what you might call Twitter 2.0.
Will Elon Musk’s Twitter 2.0 introduce encrypted messaging?
In an April 28 tweet, Musk stated that “Twitter DMs should have end-to-end encryption like Signalso no one can spy on or hack your messages. “At the time of writing, Musk’s tweet has amassed 1.4 million likes and has been retweeted more than 110,000 times.
It’s no secret that the Forbes Straight Talking Cyber The team of myself, Kate O’Flaherty and Zak Doffman are all users of the Signal encrypted messaging app. So, it’s a good thing that Musk should be trying to make the Twitter direct message functionality more like Signal in terms of privacy, right? An Electronic Frontier Foundation (EFF) posting four days prior to Musk’s announcement was calling for just this. In it, the campaigning organization stated that “when you send a direct message on Twitter, there are three parties who can read that message: you, the user you sent it to, and Twitter itself.”
This, the EFF continued, means that Twitter can hand them over in response to requests from law enforcement. Not just that, it continued, but “they can be leaked, and internal access can be abused by malicious hackers and Twitter employees themselves.”
Encrypted messages are not a privacy panacea
Certainly, one of the repeated concerns I saw tweeted across the social network when Musk had made it known he wanted to buy Twitter, was that as the owner he could read any direct messages past and present. While end-to-end encryption isn’t a privacy panacea, it would at least calm those particular snooping fears.
What it cannot do is provide a 100% private messaging platform. Anyone with access to your account, be that a family member picking up an unlocked phone or a threat actor who has compromised the endpoint, could still read all your messages. There’s also an argument to be made about people abusing such encrypted messaging, one reason why it isn’t implemented already.
Twitter itself states that it has the ability to “manually review DMs to investigate reported violations and misuse of our service, or to comply with laws or governmental requests.“All of which is without taking into consideration those regimes which prohibit, or at least restrict, the use of such encrypted platforms.
It remains to be seen if Musk would be willing to sacrifice his vision of a free speech social network in those countries in order to provide encrypted messaging to everyone else. The coming months will, I suspect, involve a lot of waiting and seeing.