Google isn’t happy with the chat apps it already has, so at I/O 2016 it showed off a new Assistant-infused Allo messaging app as well as a Duo video chat app intended to work like Apple’s FaceTime, but across platforms. From Google’s demos, you can easily see they’re incredible apps that should offer fast and smart communication. However, there are things you need to know about privacy and encryption.
People who follow the tech sector closely already know that 2016 has been the year of encryption. The Apple vs. FBI feud was a fight about encryption, a key security feature that more and more tech companies are ready to support. WhatsApp recently rolled out full end-to-end encryption, which means all chats and calls inside the app can only be accessed by the sender and recipient.
Google’s Duo comes with end-to-end encryption as well, which means all your video chats are protected and can’t be intercepted by third parties. Allo, on the other hand, can’t offer that – and it’ll won’t have end-to-end encryption enabled by default.
Allo does have an incognito chat mode that is encrypted both end-to-end and in transit. But incognito mode won’t any of the app’s niftier new features. What’s great about Allo’s full encryption in incognito mode is that it’s based on the same technology used by Signal, the popular chat app that Edward Snowden endorses, which was recently backed into WhatsApp.
For Google to offer Assistant features inside Allo chats, it needs to be able to access the information in your messages. That means you can’t expect end-to-end encryption if someone other than you and the other person(s) in the chat can read them. Even if it’s Google’s AI and not a hacker or a law enforcement agency, the fact remains that a third-party could read your communications. The Allo chat is still encrypted in transit though, even if it lacks end-to-end encryption outside of incognito mode.
To many people, that probably isn’t a problem. It’s the obvious tradeoff you have to agree to. You can’t have smart Google Now/Assistant/Home features without agreeing to have Google in your life. But praising Google’s encryption in Allo without knowing it’s not end-to-end encryption by default, is wrong.