Mark Zuckerberg's privacy blogpost: what he did and didn't say
There are two types of Mark Zuckerberg post, the short feature-packed ones and the long thinky ones. This is the latter, focused on “vision and principles”.
I understand that many people don’t think Facebook can or would even want to build this kind of privacy-focused platform, because frankly we don’t currently have a strong reputation for building privacy protective services, and we’ve historically focused on tools for more open sharing. But we’ve repeatedly shown that we can evolve to build the services that people really want, including in private messaging and stories.
This is the key to Zuckerberg’s vision. A definition of privacy that focuses on what users post and who sees it, rather than a more technical definition that brings in concepts such as data protection, consent-based processing of personal information and corporate uses of implied data. In short, he’s offering privacy on Facebook, but not necessarily privacy from Facebook.
In a few years, I expect future versions of Messenger and WhatsApp to become the main ways people communicate on the Facebook network. We’re focused on making both of these apps faster, simpler, more private and more secure, including with end-to-end encryption.
End-to-end encryption, which encrypts conversations from the moment they leave the sender’s phone until they arrive at the recipient’s, prevents anyone in the middle reading it, including Facebook itself. It does nothing, however, to prevent it from scanning metadata such as who users are texting and when they are active.
There are real safety concerns to address before we can implement end-to-end encryption across all of our messaging services … When billions of people use a service to connect, some of them are going to misuse it for truly terrible things like child exploitation, terrorism and extortion.
End-to-end encryption will leave Facebook finding some battles paradoxically easier to fight, because it can throw its hands up and declare itself powerless to intervene.
I believe there’s an opportunity to set a new standard for private communication platforms, where content automatically expires or is archived over time. Stories already expire after 24 hours unless you archive them, and that gives people the comfort to share more naturally. This philosophy could be extended to all private content.
The real drive for ephemerality is in the line “share more naturally”. Before Facebook successfully cloned Snapchat’s Stories feature, the company was worried about the decline in “organic” sharing, normal people posting content about their own lives.
People want to be able to choose which service they use to communicate with people. However, today if you want to message people on Facebook you have to use Messenger, on Instagram you have to use Direct, and on WhatsApp you have to use WhatsApp. We want to give people a choice so they can reach their friends across these networks from whichever app they prefer.
Zuckerberg has a narrow definition of interoperable. You will be able to use any app you want to contact your friends, as long as Facebook made it. This shift, first announced in January, is widely seen as an attempt to pre-empt regulation that might force Facebook to spin off Instagram, WhatsApp or both. If the technology behind the three apps is commingled, then Facebook could argue with regulators that a sale is impossible.
People want to know their data is stored securely in places they trust. Looking at the future of the internet and privacy, I believe one of the most important decisions we’ll make is where we’ll build data centres and store people’s sensitive data.