Secrecy, Flagging, and Paranoia Revisited: User Attitudes Toward Encrypted Messaging Apps

With the popularity of tools like WhatsApp, end-to-end encryption (E2EE) is more widely available than ever before. Nonetheless, user perceptions lag behind. Users often do not understand E2EE’s security properties or believe them sufficient. Thus, even users with access to E2EE tools turn to less-secure alternatives for sending confidential information. To better understand these issues, we conducted a 357-participant online user study analyzing how explanations of encryption impact user perceptions. We showed participants an app-store-style description of a messaging tool, varying the terminology used, whether encryption was on by default, and the prominence of encryption. We collected perceptions of the tool’s security guarantees, appropriateness for privacy-focused use by whom and for what purpose, and perceptions of paranoia. Compared to “secure,” describing the tool as “encrypted” or “military-grade encrypted” increased perceptions it was appropriate for privacy-sensitive tasks, whereas describing it more precisely as “end-to-end encrypted” did not. Prior work had found an association between the use of encryption and being perceived as paranoid. We found this link minimized, but still partially applicable. Nonetheless, participants perceived encrypted tools as appropriate for general tasks.