Ensuring security is crucial whenever sensitive data is involved, such as in cloud storage, password management, and communication. The top encrypted messaging apps currently prioritize their responsibility to safeguard consumers’ privacy. However, instances like WhatsApp’s flawed account deactivation system serve as constant reminders that there is room for improvement. Google believes that the solution lies in an industry-wide interoperable standard for messaging that transcends specific platforms and apps. Yet, recent examples suggest that this vision may be a challenging goal to achieve.
Google has expressed its support for the new Messaging Layer Security (MLS) standard introduced by the Internet Engineering Task Force (IETF) through RFC 9420 specifications. The standard is designed to enable interoperability across various messaging services and operating systems on a large scale, including WhatsApp, Messenger, and Google Messages. Google intends to make its implementation of the MLS standard open source and accessible to app developers through the Android code base.
The company believes that with backing from lawmakers and market regulators, MLS could become the widely adopted protocol for apps, eliminating the need for individual app developers to maintain proprietary end-to-end encryption (E2EE) protocols. This could also address concerns related to third-party middleware and simplify the implementation of E2EE group chats across different platforms.
While the advantages and feasibility of MLS implementation seem promising, Google acknowledges that widespread adoption might face challenges. For instance, similar to the situation with the RCS standard, Apple has shown disinterest in implementing MLS, and smaller app developers may hesitate to invest significant resources in adopting the new standard. Moreover, any regulatory pressure to enforce compliance may face opposition from certain industry players.