Ensuring Security and Compliance: Meta's Strategy for E2EE Integration and Interoperability with Third-Party Services.
Meta has released its solution on how to integrate end-to-end encryption into WhatsApp and Messenger, whilst still staying within the Digital Markets Act (DMA) regulations, which the EU requires and Meta as a company must follow. The DMA regulation states that Meta must allow interoperability with any other third-party provider within three months of a request, but full deployment to the general public may take longer.
To begin with, Meta wants to ensure end-to-end encryption is available for one-to-one chats and file sharing but then gradually introduce group chats and eventually calls.
Meta has enforced that third-party providers must come to an agreement before end-to-end encryption can take place. They are driving that the third-party providers integrate WhatsApp’s Signal protocol, however are open to other solutions where security standards are met.
By Meta introducing end-to-end encryption, this proves that they can guarantee the secure transit of messages, but not the security of third-party apps that accept WhatsApp and Messenger chats.