Comment by nindalf

8 hours ago

> We delete these messages after X time

They never had the plaintext of the messages in the first place, so they don't need to delete them. That's what end-to-end encrypted means.

Whether Facebook/Meta can read the plain text of the messages or not depends on whether that encryption is "zero knowledge" or not, aka: does Facebook generate and retain the private encryption key, or does it stay on the users' devices only, never visible to Facebook or stored on Facebook servers?

In the former case, Facebook can decrypt the messages at will, and the e2ee only protects against hackers, not Facebook itself, nor against law enforcement, since if Facebook has the decryption key they can be legally compelled to hand it over (and probably would voluntarily, going by their history).

They don't need the plaintext if they have your key. Since they wrote the application, you have zero clue if they do or not.