TikTok Won’t Add E2EE for User Safety

TikTok told the BBC that it will not be rolling out end-to-end encrypted DMs, citing user safety as a concern.

Amid social media platforms adding E2EE to direct messages in order to protect users’ privacy, TikTok has taken a bold anti-privacy stance.

E2EE ensures that no one, not even the platform itself, is able to read your messages except for you and your recipient.

Previously, TikTok hadn’t clarified why it doesn’t support E2EE. But now they say they believe it “prevents police and safety teams from being able to read direct messages if they needed to.”

E2EE is becoming more and more common, with WhatsApp, Facebook Messenger, Instagram, and even X now supporting some form of E2EE (although X has drawn criticism for their implementation).

It’s important to point out that in WhatsApp, when you report someone it sends the last 5 messages they sent. So it’s possible to maintain E2EE and also provide methods to report users abusing the platform.

TikTok has long faced criticism for its data harvesting practices:

For example, last week I visited the website for a cancer support group. According to Disconnect, when I clicked a button on a form that said I was a cancer patient or a survivor, the website sent TikTok my email address along with those details. A women's health company sent TikTok data when I looked at fertility tests. A mental health organisation pinged TikTok when I indicated I'm looking for a crisis counsellor. Websites that use pixels send data about every single visitor, so it doesn't matter if you don't have a TikTok account.

Many thought that TikTok’s privacy problems were due to its ties to Chinese company ByteDance, but after selling its US operations to US owners including tech giant Oracle, there’s been no privacy improvements.

Discord added E2EE for video and audio calls a while back, but they intentionally kept messages unencrypted for similar reasons.

I think though that if Meta can roll out E2EE throughout their products, it should be possible for Discord and TikTok to do it. It’s totally possible to implement features for reporting abusive content, it’s just a matter of bothering to do the work.

With governments attacking E2EE with laws using the old “protect the children” excuse, platforms like TikTok and Discord have more power than most to fight back.

If platforms like TikTok really want to protect younger users, they should stop harvesting endless data and selling it off for profit, and implement actual privacy protections like E2EE.