On March 24th, the EU’s governing bodies declared that they had achieved an agreement on the Digital Markets Act, the most comprehensive legislation aimed at Big Tech in Europe (DMA).
The bill’s most eye-catching provision would force all major digital companies with a market valuation of more than €75 billion or a user base of more than 45 million people in the EU to develop products that are compatible with smaller platforms. For messaging applications, this means allowing end-to-end encrypted services like WhatsApp to coexist with less secure protocols like SMS, which security experts fear would jeopardize hard-won achievements in message encryption.
The DMA’s major focus is on a group of large digital corporations known as “gatekeepers,” which are defined by the size of their audience or income and, as a result, the structural influence they have over smaller rivals.
The government hopes that the new restrictions would “break open” some of the services supplied by such organizations, allowing smaller enterprises to compete. Allowing users to install third-party applications outside of the App Store, allowing outside vendors to rank better in Amazon searches, and mandating messaging programs to exchange texts over different protocols are all possibilities.
However, this might represent a serious challenge for services that promise end-to-end encryption: cryptographers agree that maintaining encryption across applications will be difficult, if not impossible, with potentially disastrous consequences for consumers. Signal is tiny enough that the DMA requirements would have no impact on it, but WhatsApp, which utilizes the Signal protocol and is owned by Meta, would.
As a result, part, if not all, of WhatsApp’s end-to-end communications encryption may be degraded or deleted, potentially depriving a billion users of the privacy benefits of private chat.
Experts claim there is no easy solution to balance security and interoperability for encrypted messaging services due to the necessity for exact implementation of cryptographic standards. According to Steven Bellovin, an accomplished internet security researcher and professor of computer science at Columbia University, “there would be no way to effectively fuse together multiple types of encryption across apps with diverse design elements.”
“It’s just not possible to harmonize two distinct cryptographic designs; one side or the other will have to make big changes,” Bellovin added. “A design that only works when both parties are online would appear to be very different from one that operates with saved communications…. “How can you get those two systems to talk to one other?”
Bellovin claims that making multiple messaging services compatible might lead to a lowest common denominator design approach, in which the distinctive characteristics that make individual programs useful to consumers are taken away until a shared level of compatibility is attained. If one app supports encrypted multi-party communication while the other does not, sustaining conversations between them will almost always necessitate dropping the encryption.
Alternatively, the DMA proposes a different approach, which is equally unsatisfactory to privacy advocates: messages sent between two platforms with incompatible encryption schemes are decrypted and re-encrypted when passed between them, breaking the chain of “end-to-end” encryption and creating a point of vulnerability for bad actors to intercept.
It would be a mistake, according to Alec Muffett, an internet security expert and former Facebook engineer who recently assisted Twitter in launching an encrypted Tor service, to believe that Apple, Google, Facebook, and other tech companies are creating identical and interchangeable products that can be easily combined.
“They would properly stare at you if you went into a McDonald’s and said, ‘In the spirit of shattering corporate monopolies, I demand that you add a sushi platter from some other restaurant with my order,'” Muffett said. “What happens when the ordered sushi is delivered by courier from the purportedly desired sushi restaurant to McDonald’s?” Is it possible and appropriate for McDonald’s to provide that sushi to the customer? Was the courier a real person? “Was it cooked in a safe manner?”
At the moment, each messaging service is responsible for its own security, and Muffett and others have argued that requiring interoperability exposes users of one service to vulnerabilities developed by another. Finally, total security is only as good as its weakest link.
Another issue cited by security experts is the difficulty of keeping a consistent “namespace,” or the collection of IDs used to identify different devices in every networked system. Because one of the fundamental principles of encryption is that communications be encoded in a form that is unique to a known cryptographic identity, proper identity management is critical to preserving security.
“How do you tell your phone who you want to talk to, and how does the phone discover that person?” said Alex Stamos, the head of the Stanford Internet Observatory and a former Facebook chief security officer. “End-to-end encryption is impossible to achieve without trusting each supplier to handle identity management… If the aim is for all messaging systems to treat their users the same, this will be a nightmare in terms of privacy and security.”
The DMA hasn’t elicited such a harsh response from all security professionals. In a blog post from Matrix, a project dedicated to the creation of an open-source, secure communications standard, several of the problems raised by Muffett and Stamos have been addressed.
The piece, written by Matrix co-founder Matthew Hodgson, admits the difficulties of required interoperability but argues that the benefits of confronting the tech giants’ insistence on walled communications ecosystems outweigh the disadvantages.
Hodgson told The Verge, “In the past, gatekeepers disregarded the effort of [interoperability] as not being valuable.” “After all, building a walled garden is the default course of action, and once you’ve done that, the temptation is to attempt to catch as many users as possible.”
However, given how delighted users are to have their trust and social graph centralized in one app, it’s questionable whether the top-down imposition of cross-platform communications is reflected by demand from below.
“iMessage already has interoperability: it’s called SMS, and people despise it,” Alex Stamos explained. “It also has extremely poor security features that cannot be explained by green bubbles.”