Allo, the messaging service Google announced today at its Google I/O conference, is designed to allow a new style of communication, in which a clever bot listens in on your conversations and offers helpful suggestions and services. But a different feature is just as significant, one that’s designed to let no one listen in on your conversations at all: Not Google, not any hacker or eavesdropper, not even an FBI agent with a warrant.
When it launches this summer, Allo will offer an “incognito” mode that switches on an end-to-end encryption system known as Signal, designed by the privacy-focused non-profit Open Whisper Systems. In that incognito mode, only the two phones at either end of a conversation will possess the secret keys necessary to decrypt messages. Google's new video calling app Duo will use end-to-end encryption, too. The result is a pair of tools that are resistant to government surveillance: Google couldn’t, in theory, help law enforcement decipher an incognito Allo conversation or Duo call even if it wanted to. And in the wake of Apple’s landmark fight with the FBI over the encrypted iPhone of San Bernadino killer Syed Rizwan Farook, the move represents another step in Silicon Valley’s shift toward user-controlled encryption in defiance of law enforcement.
"With incognito mode, Allo gives users additional controls over their privacy and security," said Erik Kay, a Google engineering director in the Google I/O keynote. "We anticipate adding even more security features to it over time."
In Allo's incognito mode, the app will offer Snapchat-style expiring messages that delete themselves after a set time or when a conversation window is closed. And by adopting the open-source encryption system developed for the encrypted voice and messaging app Signal, the app will gain a level of protection from eavesdroppers that's resistant to even sophisticated spies. Edward Snowden himself has vouched for Signal, writing that he uses it every day. As ACLU lead technologist Chris Soghoian has written, "every time someone downloads Signal and makes their first encrypted call, FBI Director Jim Comey cries."
But in the encryption arms race, Google is playing catch-up. Apple’s iMessage has, without much fanfare, end-to-end encrypted iPhone owners’ communications for years. FaceTime, too. In April, Facebook-owned Whatsapp completed the rollout of Open Whisper Systems’ encryption to the more than one billion phones that have the app installed, the largest default end-to-end encrypted network ever. The competing app Viber followed up just weeks later with its own switch to end-to-end encryption, extending that protection to around 700 million more people.
Google’s move, late as it may come, answers critics who have chastised its slow adoption of user-controlled encryption tools. The company announced an encrypted email project called “End-to-End” in 2014, but the initiative has yet to release any actual tools to the public.
Allo's incognito mode represents a far more limited approach to encryption than Whatsapp's, Apple's, Viber's, or even what it's offering with Duo: Unlike with those apps, you must purposefully turn on incognito mode to send encrypted Allo messages; the app doesn't hide all messages by default. On the flip side, Duo is encrypted by default all the time. But Google's launching its encrypted communication apps as new tools that may or may not catch on, rather than Whatsapp's far bolder move to turn on encryption for its existing, massive userbase. Gmail and Google Hangouts, meanwhile, still lack end-to-end encryption, leaving them open to government surveillance orders.
X content
This content can also be viewed on the site it originates from.
X content
This content can also be viewed on the site it originates from.
Even so, Google's new experiments in end-to-end encryption represent the company tiptoeing into an increasingly heated debate between Silicon Valley and cryptophobic government officials in the US and abroad. In March, Brazilian authorities briefly arrested a Facebook executive after Whatsapp failed to comply with a surveillance order in a drug case. The country's government temporarily banned the app in both December of last year and earlier this month due to its encryption features, although the ban was overturned in both cases by a judge. And the New York Times reported that Whatsapp had told the U.S. Justice Department it couldn't comply with a wiretap order in a criminal investigation due to its use of encryption.
FBI director James Comey has made clear his opposition to encryption because it presents a barrier to law enforcement, saying as early as 2014 that encrypted communication "threatens to lead all of us to a very dark place." When Whatsapp announced the completion of its encryption rollout in April, Arkansas Senator Tom Cotton, a member of the Senate's Select Committee on Intelligence, responded in a blistering statement: "The WhatsApp and Facebook decision to add end-to-end encryption to all of WhatsApp's services with no secure method to comply with valid search warrants continues a dangerous trend in the tech and data world," he wrote. "This is an open invitation to terrorists, drug dealers, and sexual predators to use WhatsApp's services to endanger the American people."
Google's more limited adoption of that same encryption system may signal that the company is looking for a path that will please its privacy-seeking users without entirely antagonizing law enforcement. An even bigger consideration for the company may be the fact that end-to-end encryption prevents not only government surveillance, but its own collection of data about its users' conversations---the lifeblood of Google's advertising-driven business.
Allo and Duo's new security features, in other words, are Google's baby steps towards a fully-encrypted future, not the sort of bold moves to elevate privacy above profit or politics that some of its competitors have already taken. But for a company built on a data collection model that's often fundamentally opposed to privacy, baby steps are better than none at all.
