End-to-end encryption on messaging platforms like WhatsApp, Apple’s iMessage, Signal, Wickr, and Telegram has become a double-edged sword in our digital society. On one side, billions of ordinary people rely on these apps to keep their conversations private and secure. On the other side, the same secrecy has turned these platforms into havens for criminals and extremists who can operate in the shadows. This paradox, protecting citizens’ privacy while preventing abuse, has sparked a global debate with no easy answers. Users cherish the freedom to communicate without surveillance, yet law enforcement worries that “warrant-proof” encryption has created “lawless digital spaces where bad actors” can commit crimes undetected.
The Rise of Encrypted Messaging and Its Benefits
Modern messaging apps have rapidly grown to dominate communications worldwide. WhatsApp, for example, surpassed 2 billion users globally and is especially ubiquitous across the Global South. In Africa, WhatsApp is the default communication channel in many countries. It works even on basic phones and spotty networks, allowing people to chat, share photos, do business, and organise events with ease. Part of WhatsApp’s appeal (and that of similar apps) is its promise of security and privacy through end-to-end encryption (E2EE). By 2016, WhatsApp and many major services adopted strong E2EE by default, meaning that messages are encrypted on the sender’s device and can only be decrypted by the intended recipient. Even the platform providers cannot read the content of those chats.
Encryption has become a vital tool for privacy and freedom of expression. Because only the communicating users can see the content, E2EE protects conversations from hackers, corporations, and government surveillance. For many users, this is not just about casual privacy; it’s a safeguard for fundamental rights.
In countries with heavy surveillance, encrypted messaging apps like WhatsApp and Signal have become essential tools for activists, journalists, and dissidents. They allow people to organise, share information, and speak freely without drawing attention or risking interception.
Every day, users benefit too. Encryption offers peace of mind that personal chats, from family talks to business deals, stay private. That’s why platforms like WhatsApp are so widely used and why some governments try to block or hack them. Encryption now plays a key role in how we live, connect, and communicate.
A Magnet for Criminals and Extremists
The same encryption that protects everyday users has also made messaging apps a safe haven for criminals and extremists. Law enforcement warns that terrorists, drug traffickers, scammers, and cybercriminals now use these platforms to communicate without fear of surveillance, a challenge often described as the system “going dark”. Even with a court order, law enforcement often can’t access messages because the platforms themselves can’t decrypt them.
Terror groups like ISIS have used Telegram and WhatsApp to spread propaganda and plan attacks. In a 2017 case in the UK, the attacker’s final WhatsApp message couldn’t be retrieved due to encryption, prompting officials to question why such private channels should exist for terrorists. Organised crime has also adapted. Encrypted chats are used for trafficking drugs, people, weapons, and stolen data. The FBI has reported that encrypted messaging is now a tool for serious crimes, including child exploitation and fentanyl distribution.
Financial fraud has also shifted into these encrypted spaces. A 2024 fraud report found scams on WhatsApp and Telegram made up 39% of all reported cases, with Telegram-related scams rising 121% and WhatsApp scams up 67%. Criminals exploit users’ trust in “secure” apps to trick them into sharing sensitive information, while encryption keeps their activities hidden from scrutiny.
These platforms have also fueled the spread of hate speech and false information. Encrypted groups act like echo chambers, where rumours can spiral unchecked.
While encryption is vital for privacy, it also makes it harder to detect and stop criminal activity, turning some messaging apps into blind spots for public safety.
.
The Privacy vs. Security Dilemma
Encrypted platforms have created a growing conflict between the right to privacy and the need for security. Civil liberties groups see strong encryption as essential for protecting personal freedom, while law enforcement argues that it gives criminals a safe space to operate beyond the reach of warrants or surveillance. This has led to intense global debate over how to protect both public safety and digital rights.
Police say they’re often locked out of critical evidence. In many cases, they hold suspects’ devices but can’t access messages due to encryption, even with a court order. After the 2017 Westminster terror attack, UK officials couldn’t read the attacker’s WhatsApp messages. Then-Home Secretary Amber Rudd criticised encryption, calling for intelligence agencies to gain access in cases of national security.
Law enforcement agencies like the FBI support the idea of “responsibly managed encryption”, strong security with a backdoor for authorities in extreme cases. They claim it’s not about weakening encryption for everyone, but about allowing lawful access in investigations, similar to old-school wiretaps.
But privacy advocates and tech experts warn that any backdoor, no matter how restricted, creates a weakness that bad actors can exploit. History shows surveillance tools built for criminals often end up used against journalists, dissidents, and minority groups. In 2019, it was revealed that governments used NSO Group spyware to hack into WhatsApp accounts of activists, bypassing encryption entirely.
Groups like the Electronic Frontier Foundation argue that proposals to scan messages or insert backdoors are dangerous and ineffective. Scanning can violate privacy, trigger false alarms, and still miss determined criminals. Worse, once a system allows secret access, authoritarian governments might demand it too.
Advocates stress that encryption protects far more than chat messages it secures banking, health data, and other sensitive information. Weakening it exposes everyone to theft, abuse, and surveillance. As many have said, encryption is either secure for all or insecure for all. Once you make exceptions, no one is truly safe.
Searching for a Balance (or a Compromise)
Is there a middle ground that protects user privacy while preventing criminals from “having a good time” on these platforms with impunity? It’s a question policymakers and technologists continue to grapple with. So far, no universally accepted solution has emerged, and Africa has become a new battleground for attempts to balance these competing goals. Governments worldwide have floated various ideas, each with pros and cons. Some countries have pursued legislation to force cooperation from tech companies. For example, lawmakers in the United States proposed bills like the EARN IT Act, which would threaten platforms with liability unless they proactively police content (implicitly discouraging the use of E2EE). The stated aim of such laws is often to combat child abuse or terrorism, but digital rights groups say the effect is to strong-arm companies into weakening encryption or scanning messages.
In the European Union and the United Kingdom, officials have considered measures requiring messaging apps to implement client-side scanning, essentially, having the app itself check messages before they are encrypted for known illegal content. However, tech experts and even some companies have pushed back, arguing that this undermines the privacy promise of E2EE and might not even work reliably.
Others have suggested more creative compromises. One controversial idea is to tie encryption to identity verification. An opinion piece in the privacy community suggested restricting full end-to-end encryption to “verified” accounts only. In theory, this would mean a user has to prove their real identity (perhaps via a government ID check) to use an app in fully encrypted mode; unverified users’ chats would remain accessible. Proponents argue this could deter criminals, who prefer anonymity, while regular law-abiding users could still get encryption once they verify. However, this idea raises many concerns: it could create a two-tier system that diminishes privacy for those unwilling or unable to verify, and it introduces new complexities about data handling (e.g. businesses collecting ID documents, which creates its own privacy issues). There’s also scepticism about effectiveness, hardcore criminals could likely steal or fake identities to get “verified,” or simply move to underground tools. At present, no major messaging service has adopted this approach, but it highlights how far the search for solutions is going.
In Africa, where WhatsApp and similar apps are deeply ingrained in daily life, the debate often centres on curbing dangerous content without sacrificing privacy. Some civil society groups and researchers advocate using metadata and network patterns (which companies can collect without reading message content) to spot and slow the spread of viral hate speech or disinformation. For instance, WhatsApp has already implemented limits on message forwarding to prevent unchecked virality of rumours. Additional steps like monitoring how quickly certain messages proliferate (via metadata) could potentially flag malicious campaigns, all “without sacrificing privacy” by exposing the actual text.
Meanwhile, some governments in Africa (and beyond) have taken a more drastic route, when faced with unrest or fearing the spread of dangerous messages, they simply shut down access to apps or the internet altogether. The fact that leaders resort to turning off the tap entirely underscores their frustration at not being able to moderate encrypted conversations, but it also shows the dangers of overreaction, as it punishes everyone and harms the economy and free expression.
For law enforcement agencies, the focus has shifted to alternative investigative tactics in this new era. Since they know they often cannot get the plaintext of messages, authorities invest in old-school methods like cultivating informants to infiltrate closed groups, or high-tech ones like device forensics and spyware. Intelligence agencies have had some success hacking the “endpoints”, meaning the phones or computers of suspects, to capture messages before they get encrypted or after they are decrypted on the recipient’s device. Indeed, several major criminal cases have been cracked not by breaking encryption, but by hacking into suspects’ devices or cloud backups.
However, these workarounds are resource-intensive and raise their own legal/ethical questions.. For the most part, the widespread availability of strong encryption means this genie is out of the bottle. As one counterterrorism expert noted, the “source code” for end-to-end encryption is widely available online, so short of shutting down the internet, there is no way to stop individuals (including terrorists) from creating their encrypted channels. This reality suggests that banning or weakening encryption in mainstream apps might simply drive criminals to use other encryption tools, while law-abiding users are left less secure.
Conclusion
Encrypted messaging platforms sit at the centre of a fundamental tug-of-war between privacy and security in the digital age. We, as citizens, want and deserve encryption for the sake of privacy to protect our personal conversations, to safeguard our data from hackers, and to uphold the freedom to speak our minds without constant fear of surveillance. In many parts of the world, these protections aren’t abstract luxuries; they are crucial for activists challenging power, for journalists contacting sources, and for everyday people conducting business or maintaining relationships across distances. At the same time, it’s clear that criminals and extremists have been exploiting the very same encryption to hide vile activities. They have found in WhatsApp, iMessage, Signal, Telegram and others a convenient shield to “evade law enforcement detection” while sexually exploiting children, spreading violent ideologies, or defrauding innocent victims. This situation leaves society in a bind. Should the quest for absolute privacy enable a safe haven for wrongdoing? Or can we curtail the abuse without destroying privacy rights for all?
So far, no one has discovered a magic formula to perfectly balance these interests. If you tilt too far toward surveillance and “backdoors,” you risk compromising the security of millions of lawful users and empowering oppressive snooping. Tilt too far toward absolute privacy, and you grant impunity to those who would abuse that secrecy to harm others. The world is still experimenting, debating, and sometimes deadlocked on this issue.
Around the world, the conversation continues among governments, tech companies, rights groups, and citizens: how do we keep the benefits of encryption for free expression and safety from tyranny, without allowing the worst actors to misuse it as a cloak? It is a complex problem with no simple solution in sight.
What is certain is that encryption itself is here to stay; it’s deeply embedded in modern technology and everyday life. Any move to weaken it would affect billions and likely create more problems than it solves. Thus, the challenge ahead is finding innovative ways to police the abuses that occur on encrypted platforms while upholding the privacy of regular users. That might involve new technological breakthroughs, smarter investigative methods, or legal frameworks that address crime in the digital era without demolishing privacy.
As of now, we live with the trade-off: encryption grants us greater personal security and liberty online, even as it inadvertently provides cover for criminals. The hope is that with continued dialogue and careful policy, we can inch closer to a world where we enjoy the fruits of privacy and freedom on these platforms, yet criminals find it harder to exploit them as their playground. The balance is delicate, but striving for it remains essential in our increasingly digital and encrypted society.
