When Google first announced it was working on a chat app called Allo, I was unimpressed.
Because unlike competitors such as WhatsApp, Signal and Apple iMessage, Google said it would not be enabling end-to-end encryption by default in Allo.
Which sucks if you care about privacy. And you should all care about privacy – just take a read of the newspapers folks, and you’ll see how law enforcement agencies and malicious hackers have been able to intercept innocent users’ communications.
Google deliberately chose not to enable Allo’s end-to-end encryption (known as “Incognito mode”) by default because it runs counter to their other business objectives. And Google knows that only a tiny proportion of the public bother to change an app’s default settings.
Hey ho… at least we can feel warm and fuzzy that Google said it would not be keeping users’ chat logs – a slap in the face for law enforcement agencies who may be interested in forcing the tech giant to hand them over.
Hang on a minute, The Verge has just published a new story about Allo. Oh dear… this sounds bad.
The version of Allo rolling out today will store all non-incognito messages by default — a clear change from Google’s earlier statements that the app would only store messages transiently and in non-identifiable form. The records will now persist until the user actively deletes them, giving Google default access to a full history of conversations in the app. Users can also avoid the logging by using Allo’s Incognito Mode, which is still fully end-to-end encrypted and unchanged from the initial announcement.
Google confirmed its U-turn in a statement to BBC News:
“We’ve given users transparency and control over their data in Google Allo. Our approach is simple – your chat history is saved for you until you choose to delete it. You can delete single messages or entire conversations.”
It can spin the media all it likes, but Google can’t hide the fact that it has made another blunder if it wants to become king of the chat apps. As users become more privacy-conscious they will (hopefully) learn that there are safer options than Google Allo.
Which raises one important question:
Why would anyone on earth want to use Google’s Allo chat app for secure messaging?
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.