Telecommunication networks and the Internet have made communicating with people easier than ever, but have also made surveillance more prevalent. Without taking extra steps to protect your privacy, every phone call, text message, email, instant message, video and audio chat, and social media message could be vulnerable to eavesdroppers.
Often the most privacy-protective way to communicate with others is in person, without computers or phones being involved at all. Because this isn’t always possible, the next best thing is to use end-to-end encryption.
End-to-end encryption ensures that information is turned into a secret message by its original sender (the first “end”), and decoded only by its final recipient (the second “end”). This means that no one can “listen in” and eavesdrop on your activity, including wifi cafe snoops, your Internet service provider, and even the website or app you are using itself. Somewhat counter-intuitively, just because you access messages in an app on your phone or information from a website on your computer does not mean that the app company or website platform itself can see them. This is a core characteristic of good encryption: even the people who design and deploy it cannot themselves break it.
All the tools that have guides on the SSD site use end-to-end encryption. You can use end-to-end encryption for any kind of communication — including voice and video calls, messaging and chat, and email.
(Not to be confused with end-to-end encryption is transport-layer encryption. While end-to-end encryption protects messages, for example, all the way from you to your recipient, transport-layer encryption only protects them as they travel from your device to the app’s servers and from the app’s servers to your recipient’s device. In the middle, your messaging service provider—or the website you are browsing, or the app you are using—can see unencrypted copies of your messages.)
Under the hood, end-to-end encryption works like this: When two people want to communicate via end-to-end encryption (for example, Akiko and Boris) they must each generate pieces of data, called keys. These keys can be used to turn data that anyone can read into data that can be only read by someone who has a matching key. Before Akiko sends a message to Boris, she encrypts it to Boris's key so that only Boris can decrypt it. Then she sends this encrypted message across the Internet. If anyone is eavesdropping on Akiko and Boris—even if they have access to the service that Akiko is using to send this message (such as her email account)—they will only see the encrypted data and will be unable to read the message. When Boris receives it, he must use his key to decrypt it into a readable message.
Some services, like Google Hangouts, advertise “encryption,” but use keys that are created and controlled by Google, not the sender and final receiver of the message. This is not end-to-end encryption. To be truly secure, only the “ends” of the conversation should have the keys that let them encrypt and decrypt. If the service you use controls the keys, that is transport layer-encryption instead.
End-to-end encryption means that users must keep their keys secret. It can also mean doing work to make sure the keys used to encrypt and decrypt belong to the right people. Using end-to-end encryption can involve some effort—from simply choosing to download an app that offers it to proactively verifying keys—but it's the best way for users to verify the security of their communications without having to trust the platform that they're both using.
Learn more about encryption in What Should I know About Encryption?, Key Concepts in Encryption, and Different Types of Encryption. We also explain one particular kind of end-to-end encryption—called “public key encryption”—in more detail in A Deep Dive on End-to-End Encryption.
Phone Calls and Text Messages versus Encrypted Internet Messages
When you make a call from a landline or a mobile phone, your call is not end-to-end encrypted. When you send a text message (also known as SMS) on a phone, the text is not encrypted at all. Both allow governments or anyone else with power over the phone company to read your messages or record your calls. If your risk assessment includes government interception, you may prefer to use encrypted alternatives that operate over the Internet. As a bonus, many of these encrypted alternatives also offer video.
Some examples of services or software that offer end-to-end encrypted texting and voice and video calls include:
Some examples of services that do not offer end-to-end encryption by default include:
- Google Hangouts
- Kakao Talk
- Yahoo Messenger
And some services, like Facebook Messenger and Telegram, only offer end-to-end encryption if you deliberately turn it on. Others, like iMessage, only offer end-to-end encryption when both users are using a particular device (in the case of iMessage, both users need to be using an iPhone).
How Much Can You Trust Your Messaging Service?
End-to-end encryption can defend you against surveillance by governments, hackers, and the messaging service itself. But all of those groups might be able to make secret changes in the software you use so that even if it claims to use end-to-end encryption, it is really sending your data unencrypted or with weakened encryption.
Many groups, including EFF, spend time watching well-known providers (like WhatsApp, which is owned by Facebook, or Signal) to make sure they really are providing the end-to-end encryption they promise. But if you are concerned about these risks, you can use tools that use publicly known and reviewed encryption techniques and are designed to be independent of the transport systems they use. OTR and PGP are two examples. These systems rely on user expertise to operate, are often less user-friendly, and are older protocols that don’t use all of the modern best encryption techniques.
Off-the-Record (OTR) is an end-to-end encryption protocol for real-time text conversations that can be used on top of a variety of instant messaging services. Some tools that incorporate OTR include:
PGP (or Pretty Good Privacy) is the standard for end-to-end encryption of email. For detailed instructions on how to install and use PGP encryption for your email, see:
PGP for email is best-suited for technically experienced users communicating with other technically experienced users who are well aware of PGP’s complexities and limitations.
What End-To-End Encryption Does Not Do
End-to-end encryption only protects the content of your communication, not the fact that you are communicating in the first place. It does not protect your metadata, which includes, for example, the subject line of an email, who you are communicating with, and when. If you are making a call from a cell phone, information about your location is also metadata.
Metadata can provide extremely revealing information about you even when the content of your communication remains secret.
Metadata about your phone calls can give away some very intimate and sensitive information. For example:
- They know you rang a phone sex service at 2:24 am and spoke for 18 minutes, but they don't know what you talked about.
- They know you called the suicide prevention hotline from the Golden Gate Bridge, but the topic of the call remains a secret.
- They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour, but they don't know what was discussed.
- They know you received a call from the local NRA office while it was having a campaign against gun legislation, and then called your senators and congressional representatives immediately after, but the content of those calls remains safe from government intrusion.
- They know you called a gynecologist, spoke for a half hour, and then called the local Planned Parenthood's number later that day, but nobody knows what you spoke about.
Other Important Features
End-to-end encryption is only one of many features that may be important to you in secure communication. As described above, end-to-end encryption is great for preventing companies and governments from accessing your messages. But for many people, companies and governments are not the biggest threat, and therefore end-to-end encryption might not be the biggest priority.
For example, if someone is worried about a spouse, parent, or employer with physical access to their device, the ability to send ephemeral, “disappearing” messages might be their deciding factor in choosing a messenger. Someone else might be worried about giving their phone number out, and so the ability to use a non-phone-number “alias” might be important.
More generally, security and privacy features are not the only variables that matter in choosing a secure communications method. An app with great security features is worthless if none of your friends and contacts use it, and the most popular and widely used apps can vary significantly by country and community. Poor quality of service or having to pay for an app can also make a messenger unsuitable for some people.
The more clearly you understand what you want and need out of a secure communication method, the easier it will be to navigate the wealth of extensive, conflicting, and sometimes outdated information available.