The EU might soon pass a law that forces service providers to provide backdoors for law enforcement (which in practice means anyone with ill intent). Other countries, like the UK, have had similar laws for years. E2EE is worth a lot less than you think.
Viewing post in Feature Request: Private Messages
E2EE is worth a lot less than you think.
Not until such laws come to pass, especially worldwide. And even then, it won't be the kind of encryption I specifically mentioned: true end-to-end (meaning client-side encrypted/decyrpted) zero-knowledge (stored without any possibility of hoster accessing unencrypted data). A lot of services slap on E2EE label these days, but upon closer inspection you could easily see they are just misleading, if not downright deceiving their users.
These laws apply on a government level to any website that has users. If the concern is that users may use the private messaging feature to disclose truly private information to each other, then that's easily solved:
Make it part of the website's terms and condition of using the direct messaging feature that this feature is used at the user's discretion, and make a prominent statement upon its launch and on the website that this feature is not meant to be used for sharing private information, and that you won't be held legally accountable for any private information shared here.
The point of this feature is not that it allows users to share private information with each other, but that it allows users to communicate with each other directly, without the need to post their conversation public for everyone to see. It is only private in the sense that it is not a conversation out there for everyone to see. It's not private in the full sense. And this needs to be stated clearly for all users to see.
I think people get confused when the word "private" is used online. Nothing you post online is private. It's all public. The difference is only where it gets shared.
By the same logic, a letter isn't private, because it can be trivially intercepted and opened at any time along the way. Do you know what keeps your correspondence safe? Laws. But online the same principle doesn't seem to apply, because in the year 2024 people still think "digital" means "magic". Now can we please wind down this conversation that should have remained closed? Thanks.