Microsoft adding end-to-end encryption: This is the way

Last week, news broke that Microsoft has added end-to-end encryption support to Microsoft Teams. It might feel like a small update, but the move represents a giant leap towards turning end-to-end encryption into the industry standard it should rightfully become – a vision Tresorit has been built around from the very beginning.

We welcome Microsoft Teams as the newest member of the end-to-end encrypted (E2EE) services. E2EE is a fundamental technology in working towards our mission: to empower people to get back control over their digital valuables. The latest move by Microsoft reinforces the fact that our approach is right: E2EE is the safest way to handle data.

Read below to discover why Microsoft embracing E2EE marks another milestone for privacy, and how we got to this point in the first place.

A decade of privacy at Tresorit

At Tresorit, we have been working to protect people’s privacy and confidential information with encrypted productivity solutions for the past decade. We have witnessed that the world has gradually become more and more privacy-conscious, due to events such as the Snowden scandal, the Apple vs FBI clash, or the Cambridge Analytica story. As news about privacy violations and data breaches continues to dominate tech headlines, people and organizations have started to care more about the usage of E2EE services.

Demand for digital solutions to protect privacy and confidential information is growing fast, and the latest move by Microsoft underlines the fact that E2EE is best suited to help people and businesses tackle this fundamental and pressing challenge.

Together with our E2EE service allies and digital rights activists all over the world, we’ve been busy advocating for the mainstream adoption of end-to-end encryption for many years. A bona fide tech giant like Microsoft joining this shift is proof that we’re on the right track.

The journey towards E2EE mainstream adoption

When Tresorit was founded in 2011, E2EE services were niche players. This has since changed – the likes of ProtonMail, Signal, Threema, Tutanota, Wire, or Wickr, all of whom have built their entire product offerings on end-to-end encryption, are thriving. As for us, we’ve also made strides since we started live 10 years ago - launching our first app in 2013, and bringing our business-focused solution to market in 2014.

Since the start of the 2010s, E2EE has become well-known mostly due to its prevalence within consumer chat security architecture. Apple pioneered this when it revealed iMessage is end-to-end encrypted in 2014. Facebook implemented switch-on end-to-end encryptionin Messenger with the Signal Protocol in 2016, before they acquired WhatsApp, which is E2EE by default, in 2016. Even Google, a company rarely celebrated as a champion for privacy, has joined the E2EE club. In 2021, Amazon added E2EE support to Ring, their home security system.

From an enterprise perspective, the news that Microsoft Teams has followed the example of Zoom in integrating E2EE shows that encryption has become a competitive advantage in the SaaS market. We believe that the addition of E2EE support to Big Tech companies’ services will further accelerate the mainstream adoption of end-to-end encryption and fuel the growth of privacy-first technology companies.

Still a long way to go

Trust in large tech companies has been broken for a long time. Addressing the need for E2EE could also make a reconciliation with users whose trust (and personal data) have been violated. Success within this field could pave the way for these companies to revise their business models and find new, less intrusive ways to generate revenue from their customers.

According to news, Microsoft plans to roll out E2EE gradually, starting with 1:1 conversations. While developing E2EE services, it is crucial for all technology companies to adhere to technology best practices and well-researched cryptography standards to uphold users’ trust. Most importantly, end-to-end encryption should be a by-default, built-in feature and not an option to turn on and off occasionally. Switch-on encryption can be even dangerous for users, especially for those who critically need privacy.

E2EE and its role within the digital economy

Microsoft’s adoption of E2EE also helps portray the technology in its truest form – a crucial tool that millions of people and thousands of real businesses all over the world can rely on to secure their data. The commercial use cases are widespread and extremely diverse, and businesses of all shapes/sizes/categories already use E2EE to protect their file attachments, industry secrets and source materials. Beyond messaging, E2EE can be found in email applications, cloud storage devices, file transfer services, video tools and even remote security solutions; basically, any channel where digital communications take place. As we’ve already mentioned multiple times, we must constantly remind policymakers – not only in the EU, but globally – to keep the privacy of these millions of users in mind, before threatening to weaken encryption with backdoors.

A couple of years ago, we explored what would happen if end-to-end encryption became mandatory and, whilst there is some way go before E2EE becomes a legal standard, we believe that Teams integration is an important step towards E2EE becoming a non-negotiable for data protection standards. We’re proud to be a part of this movement and will continue to working towards protecting people’s rights to privacy and security.

TL;DR. This is the way.