End-to-end encryption poses no problem for government messaging solutions, however ephemeral messages or messages that disappear do. Government Messaging Solutions must comply with the relevant data protection government requirements, especially with regards to classified information.Īpps like Confide, for example, which was reportedly used by Republican operatives and White House staffers pose issues because there is no record of the messages sent. The problem with such features, however, is that they can be at odds with compliance. This means that a secure, ephemeral communication platform that ensures that messages cannot be screenshotted, forwarded, printed or saved to the device must be in place. For these reasons, safety mechanisms need to be in place once messages reach the recipient. Government officials frequently need to communicate critical sensitive information-and it’s imperative that such conversations are not seized by or leaked to third parties with bad intentions. When it comes to government messaging solutions, government officials need to think beyond encryption. Anyone who uses these platforms face the same risks-their conversations could be accessed by a third party. While these are examples where people were using encrypted messaging for questionable purposes it points to a larger problem. In another investigation, the FBI was able to obtain messages sent over Signal by White House staff and a New York Times reporter.
During their ongoing investigation, the FBI obtained Whatsapp messages sent by Paul Manafort.
And if you have multiple devices that sync chats, the risk of sensitive conversations being exposed increases X fold.Īgain – it ‘should’ be simple but it isn’t always straight forward. As an example, Whatsapp has cloud back up enabled by default, risking exposure of decrypted messaging. And then there’s the issue of how data is backed up. In addition, someone may save the conversation for an indefinite amount of time, increasing the risk that it will be shown-either by purpose or inadvertently-to a third party – or breached. One of the recipients in a conversation may choose to share sensitive messages with others via screenshots, cut and paste or simply by forwarding information that you never intended to go outside your circle of original recipients. It should be simple-using an end-to-end encryption app should ensure that your messages are secure, right? But while the messages areprotected from the time the user presses send and is in transit, once it’s on the recipient’s device that’s a whole different story.Įncryption can’t protect you from certain human behaviors. They may offer encryption but they fail to secure messages on devices and don’t address critical compliance issues related to government communication.Ĭomprehensive Government Messaging Solutions Require More than Just Encryption But as government messaging solutions go, such tools are limited, and in most cases not as secure as one might think.
White House staffers have reportedly used the encryption app Confide to communicate, French president Macron’s inner circle has relied onTelegram, and former Australia Prime Minister Malcom Turnbull turned to Wickr and Whatsapp. It should be no surprise that government officials have been turning to other, more secure mediums, to communicate. The DNC email leak in 2016 revealed just how insecure email communications can be.