A co-leader on Google's product security team has waved a piece of red meat in front of already frothing privacy advocates by deleting part of a blog post saying he wished the Allo messenger app the company announced Wednesday would provide end-to-end encryption by default.

To critics, the deletion by Thai Duong amounted to tacit admission that his employer was willfully choosing to leave messages sent by the vast number of Allo users open to government surveillance. The critics have argued that because end-to-end encryption will be turned off by default and turned on only in an incognito mode, most users will never avail themselves of the protection.

In a blog post published shortly after Wednesday's announcement, Duong said the move would benefit people who want their messages to be processed by an artificial intelligence agent that would offer auto-replies based on the content of the messages. A built-in digital assistant, for instance, might automatically suggest nearby restaurants or available movies when parties are making plans, but only if the encryption feature is turned off. Then Duong went on to say something that he later deleted from the post:

The burning question now is: if incognito mode with end-to-end encryption and disappearing messages is so useful, why isn't it default in Allo? I wish it's the default (because it's my feature haha :), but even if it is not default all is not lost. I can't promise anything now, but I'm pushing for a setting where users can opt out of cleartext messaging. Basically with one touch you can tell Allo that you want to "Always chat in incognito mode going forward," and from that moment on all your messages will be end-to-end encrypted and auto-deleted. You can still interact with the AI, but only if you explicitly invoke it, so you don't have to give up everything for your privacy gain.

Duong's revised post included several more minor edits. The opening, which originally read:

Disclaimer: I'm one of the engineers in charge of the end-to-end encryption feature in Google Allo. This post (and everything else in this blog) is solely my personal opinion, as I don't speak for my employer.

was changed to:

Disclaimer: This post is solely my personal opinion, as someone from outside the team who consulted on security for Allo.

The updated post also explained that "I erased a paragraph from this post because it's not cool to publicly discuss or to speculate the intent or future plans for the features of my employer's products, even if it's just my personal opinion."

Another change involved updating the statement "I'm one of two security engineers (hi Thiago!) in the Allo team" to "I'm not part of the Allo team, but I consult them on security"

Additionally, after being asked about people who "want to stay off the grid" and "don't want the AI agent to see their text messages," Duong changed his answer from:

That's fine. We understand your concerns. Everybody including me has something to hide. This is why we develop the incognito mode. In this mode, all messages are further encrypted using the Signal protocol, a state of the art end-to-end chat encryption protocol which ensures that only you and your recipients can read your messages.

to:

That's fine. I share your concern. This is exactly why we develop the incognito mode. In this mode, all messages are further encrypted using the Signal protocol, a state of the art end-to-end chat encryption protocol which ensures that only you and your recipients can read your messages.

Last, he changed:

Most people focus on end-to-end encryption, but I think the best privacy feature of Allo is disappearing messaging. All messages sent in incognito mode will disappear after a few minutes. This is what users actually need when it comes to privacy. Snapchat is popular because they know exactly what users want.

to:

Most people focus on end-to-end encryption, but I think the best privacy feature of Allo is disappearing messaging. This is what users actually need when it comes to privacy. Snapchat is popular because they know exactly what users want.

The revised post is available here. For the moment, the post as it was originally posted on Wednesday can still be found in Bing's cache. Here are screenshots showing the precise changes through Microsoft Word's comparison feature.









Google has long been unusual among large Internet companies for the latitude it grants its employees in publicly discussing projects they work on. These posts almost always use a disclaimer that the views are personal opinions that don't automatically reflect the official company line. More often than not, the resulting tweets and blog posts present a more nuanced narrative than Google official statements alone could. Duong's revisions show there are limits to Google's approach.

The changes also suggest that parties at a much higher pay scale than Duong's are highly resistant to providing the type of end-to-end encryption that's on by default in messaging apps such as Signal and WhatsApp. Now that Duong has contradicted that bedrock position, it appears these people are trying to distance the researcher from the Allo design team and suppress his highly relevant opinions on security. Given Duong's track record devising some of the most important crypto attacks of the past five years, including those dubbed BEAST, CRIME, and POODLE, the move is likely to backfire by giving the appearance that a yet-to-be-articulated agenda is eclipsing key concerns and recommendations of a key security engineer.