WhatsApp end-to-end encrypted backups rolling out ‘slowly’

Facebook CEO Mark Zuckerberg announced last month that WhatsApp end-to-end encrypted backups were on the way for those who like to store backups on cloud services like iCloud and Google Drive. This privacy feature is now rolling out “slowly” for both iOS and Android users.

Actual WhatsApp chats are always end-to-end encrypted, but this new feature means that any backup you choose to make will have the same level of protection …

This was stated by Zuckerberg on his Facebook page.

While end-to-end encrypted messages you send and receive are stored on your device, many people also want a way to back up their chats if they lose their phone. As of today, we provide an extra, optional layer of security to protect backups stored on Google Drive or iCloud with end-to-end encryption. No other global messaging service on this scale provides this level of security for their users’ messages, media, voicemails, video calls and chat backups.

You can now secure your end-to-end encrypted backup with either an optional password or a 64-digit encryption key that only you know. Neither WhatsApp nor your backup service provider will be able to read your backups or access the key required to unlock it.

With more than 2 billion users, we are happy to give people more choices to protect their privacy. We are slowly rolling out this feature to those with the latest version of WhatsApp. More information on how to protect your chat backups with end-to-end encryption on iOS and Android can be found here, and more information on how we built it can be found here.

The company has not said what “slow” rollout means, but it said it will do so carefully “to ensure a consistent and reliable user experience for people on iOS and Android around the world.”

The most common reason for backing up is to make sure chats are safe if your devices are lost or stolen. Facebook is issuing the obvious warning that E2E-encrypted backups cannot be restored if you forget your password, as neither WhatsApp nor your cloud service will be able to decrypt the file.

When the feature rolls out, open WhatsApp and go to Settings> Chats> Chat backups> End-to-End encrypted backup, and then follow the instructions. If you do not see the E2E setting, the feature has not yet been rolled out for you.

If you would like to understand more about how the feature works, there is a white paper here and a technology blog here.

The move could increase pressure on Apple to introduce end-to-end encryption for iCloud backups of iPhones. Currently, backups are encrypted, but Apple has a key. It is only ever used when a valid court order is presented, but it creates three vulnerabilities. First, not all governments respect human rights so that they can issue court orders against political opponents. Second, someone in Apple with the necessary powers could sniff. Third, a hacker may be able to gain access.

A number of us had wondered if Apple’s CSAM plans might be a precursor to end-to-end encryption of iCloud backups, as scanning the device would ensure these were detected before backups were created. The delay in the CSAM launch means we are still waiting to see if this can be the case.

Meanwhile, a company with Facebook’s checkered reputation should have a higher privacy standard than Apple when it comes to cloud backups, to stick around a bit.

FTC: We use revenue-earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

Leave a Comment