Microsoft-owned VoIP and messaging platform Skype has long been criticized for lacking end-to-end encryption. Which means Skype communications are not protected by a zero access architecture — and the company could be leaned on to provide authorities with your decrypted content data, for example. It’s also previously been shown accessing links sent via the platform.
But it is now partially rectifying that situation — by launching an opt-in e2e encryption feature, utilizing the industry standard Signal Protocol, which also powers WhatsApp’s e2e encryption and is built by not-for-profit Open Whisper Systems.
The feature supports e2e encryption for Skype audio calls, and for sending messages and media (such as files).
With Private Conversations, you can have end-to-end encrypted Skype audio calls and send text messages or files like images, audio, or videos, using the industry standard Signal Protocol by Open Whisper Systems. The content of these conversations will be hidden in the chat list as well as in notifications to keep the information you share private.
Give it a try by selecting “New Private Conversation” from the compose menu or from the recipient’s profile. After the recipient accepts your invite, all calls and messages in that conversation will be encrypted end-to-end until you choose to end it. You can only participate in a private conversation from a single device at a time. You can switch the conversation to any of your devices, but the messages you send and receive will be tied to the device you’re using at the time.
Discussing the collaboration on its blog, Signal adds: “Our goal is to make private communication simple and ubiquitous. With hundreds of millions of active users, Skype is one of the most popular applications in the world, and we’re excited that Private Conversations in Skype will allow more users to take advantage of Signal Protocol’s strong encryption properties for secure communication.”
So is some opt-in e2e encryption better than no e2e encryption? Some would say ‘barely’. Especially as video chats — the flagship Skype feature — aren’t covered.
There’s also likely to be debate over whether the feature risks confusing Skype users who might mistakenly believe all their comms on Skype are going to be strongly encrypted going forward — when in fact they will have to actively choose e2e encryption every time they want to use it. Which clearly creates privacy friction. And also conditions Skype users to think of privacy as an exception, rather than the standard rule.
Messaging platform Telegram also offers an e2e encrypted ‘secret chats‘ feature on an otherwise not e2e encrypted comms platform, and is routinely attacked for taking this partial position, for example. (Though it is also critiqued for using its own proprietary crypto, rather than adopting a respected standard.)
On the other hand — and given how mainstream a comms platform Skype is — then even partial e2e encryption could be seen as a bit of a step forward, perhaps most especially because Skype is adopting the Signal Protocol for its crypto addition.
It’s also possible — and Signal is hoping — that Microsoft will expand support to cover more Skype features in time.