EFF Launches ‘Encrypt It Already’ Campaign, Urging Big Tech to Close Privacy Loopholes
Toggle Dark Mode
American international non-profit digital rights group Electronic Frontier Foundation (EFF) on Thursday launched a campaign called “Encrypt It Already,” urging Apple, Google, Meta, and other tech companies to either implement or expand end-to-end encryption on their platforms, in addition to stronger defaults and privacy settings, reports Mactrast.
The EFF urges Apple, Meta, Google, Telegram, Bluesky, and Ring to add or expand end-to-end encryption across their several apps and services, to make privacy-protecting settings the default and not opt-in, deliver on their prior encryption commitments by giving users additional control over how their data is accessed and used.
End-to-end encryption (E2EE) protects the privacy of your data, puts control over how the data gets used into your hands, and is the best way we have to ensure private conversations remain private. Not enough companies use it as broadly as they should.
For its part, Apple already offers end-to-end encryption for several features and data categories, in addition to providing additional protection by offering Advanced Data Protection as an optional feature.
While nearly all iCloud data is already stored in an encrypted format on Apple’s servers, Apple holds the keys to that encrypted data, meaning it can technically access or hand over that data if legally required to do so. It’s also possible that all of your personal information could be exposed in the event of a data breach.
Apple does offer end-to-end encryption by default for extremely sensitive data like Health, Journal, Passwords, payment information, and Messages, which means that only you hold the keys to that data. However, that last one comes with a catch: the key to decrypt your Messages is stored in your device backups. Since iCloud Backups aren’t end-to-end encrypted by default, that key will be stored on Apple’s servers if you backup your devices to iCloud.
Although you can close this loophole by relying solely on local backups, Advanced Data Protection is much better, as it enables end-to-end encryption for nearly everything — including iCloud Backups — and stores the keys for those exclusively on your Apple devices.
By enabling Advanced Data Protection, the total number of data categories protected by end-to-end encryption increases from 15 to 26, including device backups, Photos, Notes, Files, and more. The only categories that aren’t covered by Advanced Data Protection are Mail, Calendars, and Contacts, due to the need to synchronize these using the open industry-standard IMAP, CalDAV, and CardDAV protocols, which don’t support E2EE.
However, the EFF has pushed Apple to bolster encrypted protection. Last year, the organization urged Apple and Google to implement end-to-end encryption for RCS messaging between the Apple and Google platforms. Apple has since announced that it’s working on end-to-end encryption for RCS messaging, although it’s unclear how much of this has to do with the EFF’s lobbying, as Apple’s announcement came the same day the GSMA announced RCS Universal Profile 3.0, which added E2EE to the official RCS standard for the first time. Prior to this, E2EE over RCS between Android devices relied on a proprietary Google standard that Apple was understandably reluctant to embrace.
While Apple hasn’t provided a specific timeframe for adding E2EE to RCS messaging, it has been laying the groundwork for the feature. Last month, the second iOS 26.3 beta introduced new carrier bundle settings that hint that the feature could be coming in the next release.
It should be noted that iMessages sent between Apple devices have supported end-to-end encryption by default since the service was first introduced in 2011.
The EFF is also urging Apple and Google to better protect its users from the privacy incursion of artificial intelligence, by allowing their users to control AI permissions by being able to turn off Apple Intelligence and Google Gemini on an app-by-app basis.
Further, the EFF asserts that tech companies should provide greater transparency to users, by better communicating information about new implementations of end-to-end encryption by publishing blog posts, technical papers, and other information, and by providing detailed user documentation.
The EFF encourages users to enable any end-to-end encryption features in the apps they use whenever they are available. Apple users are also urged to use Apple’s feedback form to prompt the Cupertino company to provide additional end-to-end encryption support.
As well as Apple and Google, the EFF is also pushing other tech firms to increase their use of end-to-end encryption in its public-facing apps and services. Among the firms being singled out by the EFF are Meta — who is urged to use end-to-end encryption for group messages in Facebook Messenger and make it the default for backups in WhatsApp — along with pushing Telegram and Bluesky to add end-to-end encryption in their DMs, and Ring to add end-to-end encryption for its camera feeds by default.
To learn more about EFF’s campaign, visit the “Encrypt it Already” website.
