End-to-end encryption (E2EE) is the cryptographic property where data is encrypted on the sender’s device using keys held only by sender and recipient, transits the network as ciphertext, and is decrypted only on the recipient’s device. The provider operating the network never sees the plaintext and cannot produce it under court order.
What it means in practice
The “end-to-end” claim is operationally meaningful only if (1) the keys are generated on the device, (2) the keys are stored on the device and never transit the provider’s servers in plaintext, and (3) there is no key-escrow back channel that lets the provider regenerate access. Many products that advertise “encryption” satisfy only the first two and quietly retain the third (lawful intercept capability, backup keys held server-side). The Signal Protocol (X3DH key agreement plus Double Ratchet for forward secrecy) is the gold-standard implementation, audited extensively, adopted by WhatsApp, Wire, Skype Private Conversations, and Google Messages. The cryptographic primitive is solid; the operational reality depends on what the provider builds around it.
Where it shows up
Strongest implementations: Signal (default, no choice), Briar (peer-to-peer, no servers at all), Olvid (French E2EE messenger, used by French government for sensitive comms), Threema. Strong but with caveats: WhatsApp (E2EE for content, metadata visible to Meta and producible under court order), iMessage (E2EE between Apple users, broken historically by iCloud backup unless Advanced Data Protection enabled). Email E2EE: PGP for power users, ProtonMail for in-network and OpenPGP for outside, Tutanota equivalent. Storage E2EE: Proton Drive, Tresorit, Sync.com, MEGA. The recurring failure mode: a product offers “encryption” without specifying end-to-end, and the producible content under subpoena reveals the gap.
What you can change today
Verify the E2EE claim on every sensitive channel in your stack. For messaging: open Signal’s safety number screen with each priority contact and verify in person or by trusted out-of-band channel. For email: send a Proton-to-Proton test message and confirm the encryption indicator. For storage: enable Proton Drive and migrate one sensitive folder out of Dropbox or Google Drive as a test. The discipline is to treat “encryption” as a marketing claim until you can name the protocol, the audit history, and the threat model the implementation actually defeats.
