Three ways the European Union could ruin WhatsApp

Today, let’s talk about Europe’s aggressive move to require major online messaging services to be interoperable, and see how WhatsApp thinks through the conflicting mandates it receives from regulators.

In Europe, two big ideas currently dominate those who regulate tech companies. One is that it should be easier to compete with tech giants, and a good way to do that is to force their services to play well with others. Second, the privacy of user data is of paramount concern and any sharing of data between companies should be treated with the utmost suspicion.

It is unclear to what extent regulators realize that, extremely importantly, these ideas are often in conflict. But right now, they’re on an absolute collision course, and it’s no exaggeration to say that the future of end-to-end encryption hangs in the balance.

I have now written enough about global threats to encryption that I feel like a somewhat tedious guest, always bringing the conversation back to my favorite issue no matter what else is happening. But the aftermath of Russia’s invasion of Ukraine, in which Moscow police arrested anti-war protesters and searched their phone messages, offered only the latest illustration of why where it all counts: the ability to communicate privately in a world of ubiquitous surveillance and expanding data. retention is of real and practical importance to almost all of us.

On Thursday, European officials reached agreement on the Digital Markets Act, landmark legislation that would change the way tech giants compete with their rivals. The law applies to what it calls “gatekeepers” – defined as any platform with a market capitalization of €75 billion, or more than €7.5 billion in European revenue. So: yes to WhatsApp and iMessage; no to the signal and the telegram.

Among many other provisions, the DMA would likely prevent Amazon from using data from its third-party sellers to inform its own product development, and would require Android to offer users alternatives to Google Search and email.

I say probably because the current text of the agreement is not publicly available. I never feel more at risk of making a mistake than when I write about the legislative process of the European Union; the last time I did this I had to post corrections two days in a row. But my understanding is that what has been agreed is essentially a rough framework for the eventual law, and the final text is still forthcoming.

Meanwhile, legislation is being drafted in working groups; some of the language they envision leaks and is posted on Twitter by various parties. These leaks, combined with past public statements and previous bills, are how we know anything about Europe’s plans for messaging apps.

For example, what we know about DMA interoperability projects comes in part from Benedict Evans tweeting the language of the draft proposal:

“Allow any provider of [messaging apps] at their request and free of charge to interconnect with the doorman [messaging apps]. The interconnection must be provided under conditions and of a quality objectively identical to those available or used by the gatekeeper, its subsidiaries or its partners, thus allowing functional interaction with these services, while guaranteeing a high level of security and protection of personal data.

Over the weekend, crypto experts sounded the alarm over the idea, saying platforms might not be able to do this in a way that leaves messages encrypted. As Alex Stamos of Stanford’s Internet Observatory told me, “Writing the law to say ‘You must enable full interoperability without creating privacy or security risks’ is like ordering doctors to cure cancer.”

The problems are quite simple; Corin Faife captured a few here at The edge:

Given the need for precise implementation of cryptographic standards, experts say there is no simple solution that can balance security and interoperability for encrypted messaging services. Indeed, there would be no way to merge different forms of encryption across apps with different design features, said Steven Bellovin, a renowned internet security researcher and professor of computer science at Columbia University.

“Trying to reconcile two different cryptographic architectures is simply impossible; one side or the other will have to make major changes,” Bellovin said. “A design that only works when both parties are online will be very different from one that works with stored messages… How do you get those two systems to interact?”

Disdain for new demands is not universal; Matrix, a non-profit organization working to create an open-source standard for encrypted communication, published a blog post on Friday explaining some possible technical paths.

But clearly, insofar as there might be a way for services like iMessage and WhatsApp to interoperate and preserve encryption, that way has yet to be invented.

At the very least, it has not yet been built.

Due in large part to confusion over what exactly is on offer, platforms have so far had little to say about DMA and interoperability. (The giants lobbied hard against DMA, but apparently without much success.) Apple and Google did not respond to my requests for comment.

But on Monday afternoon, I spoke to WhatsApp chief Will Cathcart via Zoom. End-to-end encryption has become WhatsApp’s flagship project under Cathcart, both on the product side (it rolled out encrypted backups last fall) and on the political side (fighting an ongoing legal battle to preserve encryption in India).

I asked how he felt about DMA as he understood it so far.

“I wonder if this will break or seriously infringe on privacy, if it will break much of the security work we have done that we are particularly proud of, and if it will actually lead to more innovation. and competitiveness,” Cathcart said.

It is easy to dismiss these concerns as self-serving: Classes WhatsApp will oppose opening its doors to allow other apps to integrate into its own user experience. But when I pressed Cathcart on WhatsApp about what would be so bad, his responses offered a lot to regulators and daily WhatsApp users alike.

Among them:

  • spam. The centralized nature of WhatsApp allows it to identify and remove spam before it reaches your phone. it deletes millions of accounts every month for trying. Third-party services that connect to WhatsApp may not be as aggressive or overtly accept spam. “We’ve seen a lot of apps coming out and marketing themselves as mass messaging on the WhatsApp network,” Cathcart said. “What happens when one of them comes along and wants to interact?”
  • Disinformation and hate speech. WhatsApp adopted transfer limits to limit the viral spread of messages after it was used to promote election hoaxes and violence; third-party services may not be required to do so. Would a WhatsApp transfer service be allowed to use the API? Would WhatsApp have to let him?
  • Private life. WhatsApp can guarantee users end-to-end encryption and that its new messages that disappear are indeed deleted, because it can see the entire chain of communication. However, it won’t be able to see what third-party apps do with the messages after they’re delivered, raising fears that users could be exploited.

To what extent do European regulators understand this?

“It’s really hard to say without being able to see what they’ve decided,” Cathcart said. “I don’t know. Did they consult extensively with security experts? Reactions from a group of security experts I saw suggest that those experts, at least, were not consulted.

It is also worth asking what interoperability will actually do to make the messaging market more competitive. Email is an open, interoperable standard and has been for decades; but today, Apple, Google and Microsoft hold around 90% of the market. Meanwhile, the messaging app market is much more dynamic even without interoperability: it includes apps from Meta, Telegram, Signal, Snap and others.

Part of the reason is that companies can add features faster when they don’t have to build open APIs to support them. Notably, Snap said two years ago that mandated interoperability would be “a clean goal of enormous proportions” for regulators, “since the end effect would be to sclerosis the market, closing it off to innovative newcomers.”

That said, I’m not entirely immune to the allure of interoperability. As someone who spends most of my day switching between inboxes, the idea of ​​having fewer places to send and receive messages is clearly appealing. And I’m open to the idea that newbies could use access to APIs from iMessage, WhatsApp and the like to get innovations in front of users faster than typically slower tech giants, and grow faster in result.

But Europe’s simultaneous push for increased competition and maximum user privacy appears to be a clear case of one hand not knowing what the other is doing. The thing is, hardly anyone I’ve read or talked to thinks you can do both, at least not in the way that the EU offers. And any solution that materializes can open up worrying new vulnerabilities around privacy, misinformation, hate speech and other danger zones.

Regulation is always about trying to solve old problems without trying to create too many new ones in the process. But getting there requires developing a deep technical understanding of the issues at stake and discussing them with experts in public. So far, the European Union hasn’t shown much evidence of doing either.

For encrypted messaging to have a real future, that’s going to have to change, and soon.