What does it mean for human rights?
End-to-end encryption scrambles messages so that only the sender and the recipient can decipher them.
Messages are encrypted on the device of the sender and decrypted on the device of the recipient
Even the company providing the messaging service can’t view the contents of messages
It is considered the most secure and privacy-protective method of
communication.
The enhanced privacy protections enabled by end-to-end encryption are increasingly relevant for users’ ability to enjoy their human rights in a rapidly changing world marked by several factors:
Rising digital authoritarianism and hostile use of surveillance and spyware
Evolution of digital security to address new threats
Increasingly global and sensitive online communications
Click through to explore the scenarios.
Today’s encryption debate is perceived to pit two opposing groups against each other, with privacy on one side and security on the other. However, the reality is much more nuanced.
There are privacy and security concerns on both sides, along with many
other interconnected human rights that are impacted both positively
and negatively by end-to-end encrypted messaging.
End-to-end encryption directly enables privacy, which enables:
Physical safety
Freedom of expression and opinion
Access to information
Freedom of belief and religion
Freedom of association and assembly
End-to-end encryption itself does not directly cause adverse human rights impacts. But users may abuse the privacy protections of end-to-end-encryption to:
The expansion of end-to-end encryption involves challenging human rights trade-offs.
For example, a range of techniques have been proposed as solutions to enable end-to-end encrypted messaging apps to identify, block, and report content such as child sexual abuse material.
However, because these techniques can be used to detect a variety of content, a well-intentioned attempt to protect children could be abused by governments to require companies to block legitimate content a government dislikes.
There are potential rights-based paths toward resolving those conflicts, but the evolving nature of the risks involved makes that challenging.
These recommendations can help companies avoid, prevent, and mitigate the potential adverse human rights impacts arising from the use of end-to-end encrypted messaging while also maximizing the beneficial impact it will have on human rights.
Provide more consistent, cohesive, and accessible methods for user reporting and sufficient capacity for review and appeal.
Expand and simplify in-app support and education features for vulnerable groups, such as children or those with lower levels of digital literacy.
Research and report publicly about the effectiveness of mitigation measures.
Invest in harm prevention strategies—the use of metadata analysis and behavioral signals, redirection/behavioral nudges, user education, etc.
Work with relevant stakeholders to address the system-wide challenges of end-to-end encrypted messaging, such as child sexual exploitation online and human trafficking.
See BSR’s Human Rights Impact Assessment on Meta’s Expansion of End-to-End Encryption
Read more about BSR's Human Rights Impact Assessment