As the product leader of Wire, I am deeply invested in delivering genuine, user-first security. A critical aspect of this mission is understanding why opt-in security models often fail to protect the majority of users. A prime example of this failure is WhatsApp’s encrypted backup feature, which is a classic case of security as an afterthought rather than a default.
What is Opt-In Security?
Opt-in security requires users to actively enable protective measures rather than having them set by default. While this may seem to provide users with flexibility and choice, in practice, it places the burden of security on users who may not fully understand the risks or the technical details needed to make informed decisions.
The Downside of Opt-In Security
The result? A majority of users—often upwards of 90%—never enable these security features, leaving their sensitive data vulnerable. This is not due to a lack of concern for privacy but rather a consequence of poor visibility and minimal guidance. When security settings are buried deep in the app, as is the case with WhatsApp's encrypted backup option, it’s no surprise that most users remain exposed.
WhatsApp's Encrypted Backup
WhatsApp offers end-to-end encryption for messages by default, which is a good start. However, when it comes to backups, the approach is entirely different. Backups are stored on Google Drive (or iCloud for iOS users) and are not encrypted unless the user manually enables encryption. Even then, the setting is hidden at the bottom of the settings menu, with minimal instruction or emphasis.
For the average user, who may not be tech-savvy, finding and enabling this setting is unlikely. Moreover, Google Drive and WhatsApp, both of which have a vested interest in user data and metadata, benefit significantly from unencrypted backups. Without violating terms of service, they could potentially analyze this data to generate detailed metadata profiles, giving them insights into user behavior, contacts, communication patterns, and more.
Why Default Security Matters
At Wire, our approach is different. We believe that security should not be a choice but a default setting. By providing always-on end-to-end encryption for all communications and data storage, we eliminate the risks associated with opt-in models. Users do not need to hunt through menus or decipher complex settings to secure their data: it is automatically protected from the moment they start using our platform.
The Importance of Always-On Encryption
Security by default not only ensures maximum protection but also builds trust. It demonstrates a genuine commitment to user privacy and puts control back into the hands of users without requiring them to become security experts.
Conclusion: The Future of Secure Messaging
The WhatsApp encrypted backup example highlights a broader issue with opt-in security models: they create a false sense of security while leaving the majority of users exposed. As tech leaders, it is our responsibility to prioritize security by design, ensuring that all users benefit from robust protection, not just those who know where to find a hidden setting.
At Wire, we will continue to champion security by default because every user deserves privacy without compromise. It’s time for the industry to move away from opt-in security and embrace a future where safety is the standard, not an option.