The secret history of encrypted DMs on Twitter
They almost launched in 2018 — and could still do a lot of good today
Last we broke the news that Twitter is developing encrypted direct messages as one of Elon Musk’s top five product priorities. Today The Verge’s Alex Heath reported that Musk shared further details on his plans on Monday in a meeting with employees, saying that he had asked Signal creator Moxie Marlinspike for help and planned to eventually offer encrypted voice and video calling as well.
“We want to enable users to be able to communicate without being concerned about their privacy, [or] without being concerned about a data breach at Twitter causing all of their DMs to hit the web, or think that maybe someone at Twitter could be spying on their DMs,” Musk said, according to the report.
As Heath notes, Twitter has considered developing encrypted DMs before. Today let’s talk about how that project came about, how it was derailed, and what Twitter’s project could mean for a fraught moment in the debates over encryption’s future.
In 2016, Twitter was near its nadir as a product organization. Under then-CEO Jack Dorsey, a succession of product leaders had mostly failed to ship meaningful improvements to the product. A handful of times in the past, someone had started to build encrypted DMs as part of hack week exercises, according to an August 2020 summary of past efforts obtained by Platformer titled “What happened to Encrypted DMs?”
Then, at the end of 2016, the project suddenly gained new life — thanks to a tweet from famed National Security Agency whistleblower Edward Snowden.
“Reasonable and something we’ll think about,” Dorsey responded.
And, in fact, Twitter did. That February, the company’s engineering and information security teams submitted a joint proposal to encrypt DMs, and formed a working group. Two months later, another hack week project showcased how the project might work, and it was “very well received,” according to the history.
Members of the client engineering team joined the working group, and Twitter began working toward licensing technology from Signal that would allow the company to move forward.
As envisioned at the time, encrypted DMs would take place in conversations separate from normal DMs. (Facebook Messenger’s secret conversations feature works similarly.)
You would only be able to access your encrypted DMs on one device at a time. No images or other file attachments would be allowed. And the initial product would not support group messages, either.
As 2017 came to an end, though, little progress had been made. The project’s scope had been decided, and Twitter was hosting “education sessions” about Signal’s protocol for the company.
Work on the project was supposed to begin in January 2018. “But client leads pushed back as we didn’t have a license for Signal yet,” according to the history. Team members worried they might not be able to get a license for Signal’s technology at all.
The license finally came in February, a full year after Twitter had begun to seek it. The company spent the next six months developing features. In August, it began testing encrypted DMs internally, and fixed bugs in the product through October.
By then, though, Kayvon Beykpour had taken over as the company’s head of product. The company began working on new features for DMs, but a reorganization of the team meant that the people formerly responsible for DMs had essentially been disbanded, according to the history. Twitter began rebuilding the DM team anew.
Encrypted DMs — or “Secret DMs,” as they are called at one point in the history — died along the way. In June 2019, code for the DMs was removed from Twitter’s iOS library.
In a postmortem analysis, authors of the history say they didn’t have enough support from the company’s technical infrastructure team to finish the project in 2018. They also noted that the “customer experience had rough edges.” And, perhaps most importantly of all: “Ultimately, there was higher priority work to be done.”
Still, it’s worth asking what good might have been done had Twitter proceeded with the project as planned.
In a significant 2020 attack, hackers breached the DM inboxes of 36 accounts, including one elected official. In 2018, the company disclosed that a bug made certain DMs between businesses and their customers visible for more than a year.
Perhaps more importantly, the past few years have seen governments around the world get increasingly skeptical of encrypted messaging. India has sought to force companies to turn over the contents of private messages, threatening to break encryption. Earlier this year, the UK government launched a campaign to pressure Meta not to introduce encrypted messaging on Facebook or Instagram.
Meanwhile, the US Senate has explored placing its own limits on encryption, though the effort died along with every tech bill that Congress has considered this year.
As one of the few tech giants that offers end-to-end encrypted products, Meta has been a rather lonely defender of encryption in the public square, at least among corporations. And its historic reputation for violating user privacy has made it an imperfect ally to civil society organizations, who broadly support encryption.
For all the chaos Musk has wrought at Twitter headquarters over the past several weeks, he could arguably still do some good by finishing the job that Snowden and Dorsey started almost six years ago. He’s been briefed on the history, sources say.
Whatever you think of Twitter 2.0, the future of privacy requires the broad availability of encrypted communication services.
And today, more than ever, encryption needs friends — wherever it can find them.
It won’t be easy, though. In an echo of encrypted DMs’ earlier demise, the recent massive cuts to Twitter’s workforce mean that everyone who once worked on the project no longer works at the company, sources said. And so newer employees are once again starting from scratch.
More stuff we’re hearing from inside Twitter:
A Twitter feature that will allow users to upload videos of up to 42 minutes, and comes with new monetization options for creators, was originally set to launch by the end of November. It has since been deprioritized in favor of relaunching Twitter Blue and longform tweets. Now, sources say the feature will likely launch in December.
Other projects that Musk has tweeted about, including resurrecting Vine and launching paid direct messages, have similarly been deprioritized, with little communication as to why.
In less buzzy news, Twitter is also working to unify the tech stacks for ads and its “home” service, which includes the timeline, notifications, and related features. Having separate stacks makes upgrading them less efficient. Musk has pushed to bring everything together, which employees say is generally a good idea, though a big lift.
Even more Twitter
Elon Musk and his closest associates have alienated or fired members of Twitter’s Trust and Safety team, and now seek to automate much of their work. If there’s one thing we’ve learned about this sort of work, it’s that it’s easily automated. (Cat Zakrzewski, Faiz Siddiqui and Joseph Menn / Washington Post)
Elon Musk is refusing to pay hundreds of thousands of dollars of travel bills racked up by Twitter executives before he took over the company. Every day another Trump parallel with this guy! (Mike Isaac and Ryan Mac / New York Times)
Elon Musk has developed a playbook for managing his companies and workers — including at Tesla and SpaceX — and he’s now using it at Twitter. That playbook is best summed up as “enforced burnout.” (Ryan Mac and Jack Ewing / New York Times)
Elon Musk has yet to reverse Twitter’s decision to suspend Distributed Denial of Secrets, the nonprofit transparency collective that distributes leaked and hacked documents to journalists and researchers. (Micah Lee / The Intercept)
Journalists are trying to start a Twitter alternative on Mastodon and recreating some of the same dynamics from Twitter. How much would you pay to never have to read anything posted there?? (Joseph Bernstein / New York Times)
Governing
The UK’s competition watchdog launched an in-depth market investigation into Apple and Google that could force the companies to change their anticompetitive practices. (Samuel Stolton / Politico)
Chinese President Xi has been cultivating cybersecurity talent, and his hacking teams are poised to cause even more havoc for private companies and the US government. (Dakota Cary / CyberScoop)
Chinese authorities are set to impose a fine of more than $1 billion on Jack Ma's Ant Group following a long investigation. (Julie Zhu / Reuters)
Student journalists are being viciously harassed, mirroring a troubling trend in the media industry. (Taylor Lorenz / Washington Post)
Industry
TikTok is hiring 3,000 engineers worldwide as its competitors cut thousands of jobs. (Raffaele Huang and Stu Woo / Wall Street Journal)
Sam Bankman-Fried's crumbling FTX empire currently has about $1.2 billion in cash and owes $3.1 billion to its top 50 creditors. (Eliza Gkritsi / CoinDesk)
FTX spent $300 million buying homes and vacation properties for its senior staff in the Bahamas. (Koh Gui Qing / Reuters)
Hedge funds have billions of dollars stuck in FTX, and it could be years before any of the funds are recovered. (Laurence Fletcher and Joshua Oliver / Financial Times)
People who’ve had their Facebook accounts hacked get little help from Meta, which still operates without much customer support. Some are losing thousands of dollars while they wait. (Tatum Hunter / Washington Post)
Facebook’s third-quarter Widely Viewed Content Report shows only one in the top 20 posts qualified as engagement bait, down from 100 percent a year earlier. Feels like some nice progress there. (Jeff Horowitz / Wall Street Journal)
Twitch is ramping up its child safety efforts with mandatory phone verification and a better system for catching accounts belonging to people under 13. (Cecilia D'Anastasio / Bloomberg)
Tumblr is adding support for ActivityPub, the open, decentralized social networking protocol that powers Mastodon. (Sarah Perez / TechCrunch)
Talk to us
Send us tips, comments, questions, and your Thanksgiving plans: casey@platformer.news and zoe@platformer.news.
“Team members worried they might not be able to get a license for Signal’s technology at all.”
This line in particular is puzzling because there isn’t any scenario where they wouldn’t be able to license the Signal Protocol, because anyone can use and modify it under GPL v3. Did they mean they might not be able to get a license that included the modified terms they wanted?
Maybe Twitter was trying to license the Signal Protocol from the Signal Foundation so they wouldn’t have to release their modified source code, like they would have if they’d used the Signal Protocol under its GPL v3 license?
Did Meta obtain a non-GPL v3 license to be able to use the Signal Protocol in WhatsApp without having to release the source code of any modifications?
I’ve just never heard about people being apprehensive to use an open source project because of licensing negotiations. I’d be interested to hear about similar situations with other open-source projects and companies, if anyone knows of any other examples of this.
It’s certainly needed on the platform, but it seems crazy to trust any feature implementation at this time - especially anything related to security, and especially with such a clear political slant from the person running it all.
But as I re-read that, it all applies to Facebook or TikTok, and that’s not slowing anyone down.