Today @bsrnews is publishing a human rights assessment of Meta’s planned expansion of end-to-end encryption (E2EE) across its messaging services. A (necessarily long) thread, 1/23: #bizhumanrights bsr.org/en/our-insight…
The assessment took place over 2 years, and was informed by extensive research, interviews, and peer review. It's 100+ pages long, so we’ve also published an executive summary at the link above, and a blog here bsr.org/en/our-insight…. Below are our key findings. 2/23
A human rights-based approach can bring needed nuance to the encryption debate and help break out of the binary privacy vs. security framing. The reality is far more complex. Looking at impacts on *all* human rights helps reveal this. 3/23
There’s no “benefits outweigh harms” or vice versa framing; it's inconsistent w/ a human rights approach. (This article gets that wrong washingtonpost.com/technology/202…). Instead we ask “what are the risks, what are the opportunities, how can we address the risks & maximize the opps.” 4/23
E2EE directly enables the increased realization of many human rights, including privacy, physical safety, freedom of opinion and expression, freedom of religion, freedom of assembly and association, access to remedy, and political participation. 5/23
The enhanced privacy protections of E2EE are essential to protect our human rights in today’s context of rising digital authoritarianism, sophisticated digital security threats, and growth of sensitive communications online and across geographic borders. 6/23
E2EE is especially important for vulnerable groups, such as human rights defenders, journalists, political activists, women, refugees, migrants, and members of the LGBTQIA+ community. 7/23
E2EE should not only be a privilege of the technically savvy and those able to opt-in, but democratized and available to everyone—a factor that is especially important in the context of Meta’s 2.8 billion+ users. 8/23
However, by making harmful content and behavior more difficult to detect, E2EE comes with human rights risks as well. Key risk areas are child sexual exploitation, hate speech, harmful mis/disinfo, human trafficking, illicit goods sales, and terrorism/violent extremism. 9/23
Contrary to popular belief, much can be done to address these risks in E2EE messaging. We make recs for product (e.g., reporting channels), process (e.g., behavioral signals), product policy (e.g., community standards), & public policy (e.g., law enforcement relationships). 10/23
Many of the adverse human rights impacts associated with E2EE are system-wide, whole-of-society issues that exist beyond E2EE and cannot be addressed by Meta alone. Collaborative multi-stakeholder efforts are therefore key. 11/23
There are many complex and challenging human rights tensions involved in implementing E2EE. It’s one reason the encryption debate has continued for decades with no resolution. We explore these tensions and use a human rights framework to suggest possible solutions. 12/23
One of the most challenging debates we explore is about whether companies should implement “client-side scanning” solutions to detect and report problematic content in E2EE messaging, particularly child sexual abuse material. No easy answers here. 13/23
There’s pages of analysis in the report on this that’s impossible to repeat in a thread, so if the client-side scanning debate interests you please do read it there. Here’s an attempt to summarize… 14/23
There are two main risks associated with client-side scanning. These are not new. First is that the technical feasibility, resiliency, and integrity of client-side scanning methods for E2EE messaging at scale are uncertain and highly debated in the technical community. 15/23
Second is the “slippery slope risk”–the risk that if Meta were to implement client-side scanning for CSAM (a legitimate aim), governments could see that capability and require them to scan for any content they dislike. This would lead to lots of censorship and surveillance. 16/23
Given the current global political context around content moderation, especially in places like India, Russia, and Brazil, the slippery slope risk is very real and unlikely to go away any time soon. 17/23
With that context in mind, we conclude that today’s methods of client-side scanning should not be deployed because they would undermine the cryptographic integrity of E2EE and constitute a disproportionate restriction on privacy and free expression. 18/23
Theoretical approaches that would preserve the cryptographic integrity of E2EE (i.e., homomorphic encryption) may be human rights compliant but aren't currently technically feasible in messaging at scale. If they were, they would still pose that slippery slope risk. 19/23
We make one rec here Meta disagrees with. We encourage further research to find cryptographic integrity respecting client-side scanning solutions for CSAM if the slippery slope risk can ever be addressed. See Meta’s response for more info. 20/23 about.fb.com/news/2022/04/e…
We welcome Meta’s public response to the assessment, setting out the company’s intention to implement 34 of our recommendations, partly implement 4, assess the feasibility of 6, and take no further action on one. 21/23 about.fb.com/wp-content/upl…
We also are pleased Meta decided to publish this assessment in full, esp. given its utility for the human rights field and the regulatory battles related to encryption. It’s the culmination of 2+ years of diligent work that informed Meta’s E2EE decision making in real-time. 22/23
We thank all stakeholders and experts who contributed to the assessment, which we hope makes a significant contribution to how rights-respecting approaches to the deployment of E2EE can take shape. 23/23

Thread by Lindsey Andersen
