The future of messaging is encrypted, and it is also interoperable. Now that the EU’s Digital Markets Act has gone into effect, the technical means by which gatekeepers of end-to-end encrypted messaging (e2ee) platforms must interoperate have been defined. While WhatsApp is the only gatekeeper identified for the moment, would-be interoperators have already been preparing for this moment.

Still, the rollout for end users will be slow. The contours of the wider playing field will be similarly slow to emerge, with messaging and texting remaining separate user contexts, not to mention the sheer number and diversity of e2ee messaging apps on the market. However, we can still make some informed predictions about interoperable e2ee, as well as plan out the desirable outcomes from an end-user perspective for existing and emerging e2ee services.

There is still an opportunity to inform the arena in which the creators and owners of e2ee applications might voluntarily gather to resolve the most challenging aspects of providing secure and ubiquitous end-to-end encryption applications to users globally.

Background: The Players

Signal and WhatsApp (maybe Messenger)

This is the “family” of messaging apps that publicly promote their use of the Signal protocol. The main innovation in Signal was the “Double Ratchet Algorithm,” an iteration of Off-The-Record messaging (OTR). The Signal protocol is not a standard but it is effectively synonymous with trusted encryption. It’s also important to note that in all messaging services, the protocol is a rather small part of the application. The server and client software implement the protocol alongside somewhat interchangeable features such as identifiers (usernames or phone numbers), the user interface, how to handle blocking and reporting, group chat administration, and other configurations. These are largely platform-specific features that aren’t included in the protocol and may or may not be compatible with the features of other services.

In 2016, Signal announced a partnership with WhatsApp (owned by Meta) to integrate the Signal protocol, bringing end-to-end encryption to its billion worldwide users. In 2023 Meta announced that Messenger–its direct messaging platform for Facebook and Instagram–would adopt end-to-end encryption using the Signal protocol in 2024, and that it would also interoperate with WhatsApp.

Since WhatsApp has the largest user base among messaging platforms, competitors are interested in interoperating with WhatsApp to access those users. The EU Digital Markets Act, effective in 2024, has made this possible by enabling applications to enter reference offers with WhatsApp, provided they meet its security and privacy criteria for interoperability. These events will continue to drive even wider adoption of the Signal protocol, now over a decade old, as more implementers seek to leverage its reputation for trusted encryption. Notably, other apps also use the Signal protocol, including Wire and Line, which also presumably pay for a license in order to capitalize on the reputation of Signal’s e2ee messaging protocol.

iMessage and Messages

Google Messages and Apple’s iMessage do not have a history of working well together in the interest of end users. After many, many years of Google fighting Apple over the color of the text bubbles of Google Messages as displayed on the iPhone, the US DOJ stepped in to sue Apple, accusing the tech giant of anticompetitive and monopolistic practices. The suit accused Apple of intentionally making iPhone users' texting experience with Android users worse.

However Apple’s argument hinged upon technical considerations for security and privacy, which were not entirely without merit. Google Messages uses a mobile telephone standard called Rich Communications Service (RCS). RCS was developed as a newer version of SMS and is a more feature-rich protocol that includes encryption, user presence, typing status, read receipts, and location sharing. However RCS encryption is considered to be less secure than iMessage because RCS is a feature of network communications, whereas iMessage encryption is a feature of a service, giving end users more of a security guarantee that treats both the network and the service itself as an adversary.

In short, iMessage is messaging and Messages is texting. So while Google is leaning on an open and interoperable standard, Apple’s e2ee is more trustworthy from an end-user privacy perspective. As highlighted in recent reports, the default implementation of RCS on Android is fraught with security vulnerabilities, particularly cross-platform messages as it lacks end-to-end encryption. However there exists a new, draft GSMA specification for MLS over RCS driven by Google.

For what it’s worth, even Signal was once compatible with SMS. There may be a version of the future in which users get to message and text completely interoperably and with strong encryption. But what’s standing in the way of that future is a shared standard and RCS just doesn’t provide good-enough encryption close to the user.

With Apple’s recent adoption of RCS for iPhones, as part of compliance with the EU’s Digital Markets Act (DMA), interoperable texting is now achievable. However, these developments do not resolve the fundamental security issues associated with RCS, which remains inferior to more robust encryption protocols like those used in iMessage. Google Messages is reportedly preparing to implement Messaging Layer Security (MLS) as its new protocol, a significant step forward. Developed by the IETF, MLS offers stronger encryption for both one-on-one and group chats, ensuring secure communication across apps and platforms.

At the same time, there are reports that Google Messages is preparing to implement MLS as its new messaging protocol. “To help address this need, Google pledged its support for Messaging Layer Security (MLS) last year to give the nascent standard an early boost. MLS is an enhanced protocol developed by the IETF. It ensures that communication between apps and platforms is encrypted in one-on-one and group chats.”

Matrix

Matrix is a protocol designed for messaging, voice, and video that has been explicitly designed to facilitate decentralization and federation. It uses its own e2ee protocol, Olm and Megolm cryptographic ratchets.

Matrix is presumably not alone in hoping to provide third-party services as well as client software that puts end users in control of how they receive their messages and what implementation features exist in a client environment. However it is the first mover in realizing a clear vision for interoperable messaging that is end-to-end encrypted and has been influential in the drafting of the DMA. Its user base is notably hyper-security-conscious enterprise consumers like governments and military applications, requiring or assuming trusted intermediary functions within the deployed implementation, such as cybersecurity features, proxies, and other potential features, which may or may not be compatible with mass-market expectations for end-to-end encrypted messaging.

The other reason to focus on the future of Matrix (and its own messaging application Element) is that it appears to be in limbo, not having entirely settled on how and whether it will implement multiple encryption protocols. Matrix will likely go with whatever “winners” emerge, including Signal and Messaging Layer Security (MLS), RCS, or others, as long as they are able to implement them directly or “bridge” them.

MLS is an e2ee protocol specified in RFC 9420 designed for group messaging. More Instant Messaging Interoperability (MIMI) refers to a set of ongoing specifications documents being openly developed at the IETF to facilitate interoperability between MLS implementations. Matrix is an active participant in this effort.

Bridging presents a particularly thorny problem for discussions of interoperability because while end users might benefit from an app or platform environment in which all of their messaging services work together, it is not strictly “interoperability” and more like “integration,” which can fall short of the strong privacy and security guarantees of strict e2ee.

Other e2ee apps

There are, of course, many other e2ee applications that have niche but substantial user bases: Threema (bespoke protocol)), Webex (MLS), and Deltachat (openPGP) and which stand to have some incentives to interoperate. In the case of Deltachat, PGP-encrypted email is already interoperable, just not widely used. There are others with dubious e2ee features, like WeChat and Telegram, which have indicated an unwillingness to offer stronger e2ee guarantees.

In addition, there are even more web- and client-based enterprise and consumer applications that have messaging as a feature: Slack, dating apps, social media platforms, etc. Many have had to answer publicly– and to the authorities– on the question of whether user message contents are accessible to the platform or not. Others, like the fediverse platforms, have begun considering how to implement e2ee.

How the DMA levels the field

By far, the largest effort to force e2ee interoperation across jurisdictions and applications is the EU Digital Markets Act. It aims to foster competition and innovation in the digital market, and it enhances consumer choice by letting users switch between messaging services more easily. In this case, Europe’s single market is a force for good– there is no application that does not want access to European users, and therefore, changes to entire systems, not just client software, will be required in order to comply. These changes will move e2ee interoperability to a lower and more durable layer, literally.

DMA fundamentals

The EU Digital Markets Act criteria for designating gatekeepers include having a market capitalization of at least €65 billion, more than 45 million monthly active end users in the EU, and over 10,000 yearly active business users. Gatekeepers must adhere to several obligations: allowing interoperability so that competing messaging services can exchange messages with their platform, facilitating data portability to enable user data transfer to other platforms upon request, ensuring non-discrimination by treating all business users and services fairly, and providing transparency by clearly informing users and regulators about data collection and usage.

The DMA also prohibits certain practices: gatekeepers cannot prevent users from uninstalling pre-installed apps, combine personal data from different services without explicit user consent, or rank their own services more favorably than those of competitors.

The timeline for implementation began with the DMA’s adoption by the EU in July 2022, followed by its entry into force the following November. As of March 2024, companies meeting the gatekeeper criteria had to notify the EC of their plans in documents called Reference Offers, which the EC then assesses. Designated gatekeepers must comply with the DMA obligations by March 2025, six months after the EC’s designation in response to the Reference Offers.

To enforce compliance, the DMA includes penalties: fines of up to 10% of a company’s total worldwide annual turnover for non-compliance and periodic penalty payments of up to 5% of the company’s total daily turnover for continued non-compliance. The EC will monitor compliance and identify new gatekeepers in an ongoing manner. It’s worth noting that, at present, fines are being held while the European Commission reevaluates its probes into major tech companies, which may suggest a potential adjustment to its enforcement approach.

The WhatsApp-interop plan

The Digital Markets Act identifies WhatsApp as the sole gatekeeper in messaging, or “number-independent interpersonal communications” as it is officially designated, granting Meta a significant role in shaping how e2ee interoperability functions across various applications for billions of users. Meta's reference offer to the European Commission details this plan, which includes several major features.

Firstly, there is a three-month timeframe from the receipt of an interoperability request to its production. The plan heavily emphasizes that user privacy and security must not be compromised. User content is to be conveyed using the Signal Protocol in an XML format, while media, authentication, notifications, and other server-to-server communications will use HTTPS. The plan also employs fingerprinting methods to manage third-party clients and makes no promises regarding changes to WhatsApp's user interface to distinguish between WhatsApp and third-party messages.

From a technical design perspective, it’s very clear from Meta’s plans outlined in its reference offer that WhatsApp intends to remain (anti-)competitive even as it is “forced” to “interoperate”. Furthermore, market research amongst messaging users in Germany suggests that preferences for messaging services reveals that WhatsApp’s current domination (at more than 90% market concentration) will endure as alternative services remain less popular. Most users say they intend to continue using gatekeeper services at similar levels, with some even predicting that they will use them more now that they will be interoperable with less popular apps. This research suggests that interoperability could reduce usage of competing messaging services and strengthen WhatsApp’s dominance, raising questions about whether interoperability will truly foster competition, as it might instead reinforce market concentration across the board, not just in messaging.

Discussion: Future plays

While the DMA and US domestic competition enforcement have exercised their will to level the playing field on behalf of e2ee messaging users, the future is far from settled. Below, I ponder each of the most significant changes that are likely to have an effect on whether true interoperable messaging is possible for end users.

A large question for emerging and less popular messaging apps remains as to which e2ee protocol is best for interoperation. Signal's trusted but proprietary protocol offers reliability, while MLS, as an open standard, provides scalability and flexibility. Choosing the right protocol will be critical for ensuring compatibility with larger platforms. And it’s important that there be one protocol that emerges. Without protocol interoperability, integration is only possible in intermediary applications or through “bridged” accounts, which can be particularly unfortunate for e2ee security.

Signal

To remain relevant in the face of the open MLS standard, Signal might consider standardizing whole or parts of its protocol and open-source more of its tech stack. This would encourage further adoption, enhance interoperability, and position Signal as the key player in the evolving landscape of interoperable end-to-end encrypted messaging. This would build on the existing Signal and WhatsApp user bases, as well as leverage “Signal” as a trustworthy brand. Signal protocol implementers and Signal would need to agree on terms, considering Signal’s sustainability model rests on the trustworthiness of this brand.

MLS

While an open standard, MLS adoption has been slow, and interoperability specifications have been even slower. Accelerating these efforts is crucial to realizing seamless, secure communication across platforms, as MLS holds significant potential to unify encrypted messaging systems and drive broader adoption. MIMI isn’t yet specified, and there are still unresolved issues like third-party client security that aren’t (yet) in scope for standardization. Without comprehensive specifications from an open standards body, WhatsApp, as the sole gatekeeper named in the DMA, will have control over the details of interoperable e2ee architectures.

RCS

RCS is the bridge from insecure, traditional SMS toward modern messaging that would include security through encryption, but all telecommunications infrastructure will fall short in terms of security due to lawful interception regulations over network-layer services. However, if RCS can be the delivery protocol for a truly e2ee protocol like MLS, then progress on both interoperability and encryption is promising.

OpenPGP

OpenPGP, a trusted encryption standard for secure emails, offers a proven model for enabling private and interoperable communication. In a similar manner to its use for email, it might also help messaging apps communicate securely across platforms, addressing key challenges as end-to-end encryption continues to evolve. Furthermore there could be inroads for messaging and email interoperability, perhaps simply starting with integration in a third-party app that can send and receive both as well as manage keys.

Conclusions

Messaging interoperability under the DMA offers great potential but comes with significant challenges. Below are some key areas to focus on as interoperability evolves.

Future antitrust efforts should sweep up more gatekeepers

A main drawback to the DMA is the power handed to gatekeepers, which is even more pronounced in the case of messaging in which there is only one gatekeeper. Concentrating power in a single gatekeeper, like WhatsApp, risks reinforcing its dominance and privileges its chosen encryption protocol, centralizing decisions about secure messaging standards.

Preference open standards

As demonstrated by the open and decentralized internet itself, both present and future interoperability depend on implementers and stakeholders building consensus on protocol specifications in the open. This ensures no single entity dominates, fosters innovation, and allows diverse players to contribute while maintaining security and privacy for all users.

Encrypted SMS fallback

As demonstrated by iMessage and Messages interoperability, perhaps it is a positive direction that all messaging apps have SMS/RCS fallback in hopes that current security drawbacks are addressed or at least minimized for the sake of interoperability.

Identify security and privacy tradeoffs

Numerous security and privacy challenges are at risk if e2ee messaging interoperability is poorly executed. Developers, regulators, and platform operators need to carefully evaluate tradeoffs between interoperability, privacy, and security. Furthermore, the most difficult cases tend to be deprioritized in global standards setting, but with so many players on the field, we all stand to benefit from leaderly ambition to resolve them as a team.

Revisit disclosure, consent, and default settings

Protocols aside, user interface design for messaging apps will play a crucial role as interoperability evolves. WhatApp’s reference offer in response to the DMA highlights the need to rethink disclosure, consent, privacy, and security and intersects with the concerns of the GDPR (General Data Protection Regulation).

Addressing the dominance of gatekeepers, fostering open standards, and balancing user privacy with security trade-offs will require collaboration between regulators, industry leaders, and standards bodies. Without close commentary from civil society advocates, this spectacle of so many players, plays, and possible outcomes risks user rights don’t end up sidelined.