90+ Groups Protesting For Slack to Protect User Messages With End-to-End Encryption

The COVID pandemic was a major booster to work collaboration applications like Slack, Zoom, and Skype, with organizations turning to such platforms to support their remote work initiatives.

According to a report by VPNoverview on “How to stay safe when collaborating,” Slack has become a popular platform for instant messaging and collaboration, with over 8 million daily users who share messages, files, and images.

Slack has attracted many small to mid-sized businesses since it launched in 2014, thanks to its user-friendly and easy-to-implement features.

Contrary to what people generally believe, Slack is not only for small businesses. When IBM chose Slack as the organization’s tool for its massive workforce of more than 350,000 people, it was a major victory for the collaboration platform given competition from rivals like Microsoft Teams.

Why Security and Privacy Matter to Organizations Using Slack

Despite Slack’s growth as a collaboration tool for team members., concerns have been getting louder and louder regarding the security of the vast amounts of data on the platform. These apprehensions cut across Slack desktop and Slack mobile app.

In particular, Slack lacks end-to-end encryption (E2EE) – which refers to a system of communication where only the users in the conversation have permission to read the messages.

No one else, not even the service provider, or any malicious actor, can access the keys that are needed to decrypt the messages. The sender encrypts the messages and the third party stores them without being able to decrypt them.

After the encrypted messages get to the receiver, only and only then, they are decrypted.

According to a report by IBM on “What is end-to-end encryption?” Data privacy and security are crucial for many topics that require confidentiality, such as business transactions, financial information, legal matters, health issues, or personal chats.

End-to-end encryption is used to enhance the protection of data from cyberattacks, which can cause serious damage to businesses and individuals.

Organizations Match to Slack Calling for E2EE

More than 90 organizations will match to Slack’s San Francisco and Denver offices to protest against the company’s slackness in implementing end-to-end encryption on Wednesday.

According to a related report on the matter by The Register, the protest will feature diverse groups including pro-choice lobbyists, digital and racial justice agencies, and security-focused businesses like Fight for The Future and Mozilla.

Protesters are expected to don “Make Slack Safe” tee shirts, carry mobile billboards and related digital signs.

Some like post-Roe Americans, who are part of the organizers of the protest, say the collaboration app is not safe for both organizations and individuals. In addition to calling for E2EE, the groups want Slack to integrate reporting and blocking features to prevent issues of harassment.

“Millions of people use Slack every day to do their work, volunteer, and connect with communities online — including abortion funds and reproductive rights groups that are being targeted by anti-abortion efforts,” Caitlin Seeley George, the campaigns and managing director at Fight for the Future said. “And the company has shrugged off questions about offering end-to-end encryption in the past, saying they don’t think their users want it.”

Slack has consistently stayed away from E2EE, maintaining that its paying customers have not requested the feature, Motherboard reported on the issue in 2018.

“It wasn’t a priority for exec [executives], because it wasn’t something paying customers cared about,” a former employee of Slack told Motherboard. “Paying customers want enterprise key management.”

According to Slack’s policies, “Enterprise Key Management (EKM) is a security add-on for Slack Enterprise Grid that allows organizations to manage their own encryption keys using Amazon Key Management Service (KMS).”

In an open letter written by Fight for the Future last week and signed by more than 90 groups, Slack was urged to prioritize E2EE and additional privacy features to ensure that governments were not capitalizing on the collaboration tool to track defenders of human rights.

“In the US and around the world, governments are using data and digital communications to target human rights defenders and people exposing human rights violations, including political nonprofits, activist networks, and journalists,” the letter explained. “For many of these groups and individuals, Slack is an absolutely vital communication tool, but it could also become the basis of government targeting, repression, censorship.”

The lack of end-to-end encryption on Slack poses a serious risk for abortion seekers, providers, and facilitators in the USA, where the Supreme Court has overturned Roe v Wade and made private communications a potential source of criminal evidence.

“Every day that Slack fails to offer end-to-end encryption it puts abortion seekers, providers, and facilitators in danger, which is why we’re making a major push to get the company to address this security issue and protect its users,” Seeley George added.

Slack Fights Back

Slack continues to push the complaints under the rug and maintains that the company takes the issue of customer data seriously.

A spokesperson of the company told the Register that Slack’s “policies, practices, and default settings are aligned with the business uses of our product.”

It seems unlikely that Slack will add end-to-end encryption any time soon but perhaps these protests will have an affect on the company.

Recommended Articles:

• Best Web Browsing History Trackers for 2023
• New Edtech App Antimatter Teaches Kids By Getting Them to Make Educational Memes
• HP CEO Says AI Would Help Create New PCs: Would It Help Beat the Slowdown?