Also I believe they create an id on device for the media and can identify (known) images are going back and forth. Don't know why they couldn't use this for targeting even though "the data is encrypted"

I think this is a next step we must demand after everyone gets on board with E2E messaging.

Metadata is still data!

I would say that people have currently major misunderstanding between what is more important.

Let's imagine a situation where all the messages from Meta's platforms are leaked. On other scenario message content is plaintext, but senders, receivers, timestamps and locations are encrypted (on top of app usage behaviour).

On the other scenario, all the contents are encrypted, but the metadata is public.

We would know to whom everyone, in anytime, in any location, in which interval has talked to.

Which is more dangerous or damaging?

As a thought experiment, I’m interested in people listing metadata that fits the legal definition and teasing out types that the public would probably not think is metadata.

I’ll start first off the top of my head:

- The (real) identity of you and every person you talk to

- The time of the messages

- The location they were sent from

- The specific device used to send them

- A sentiment analysis: were the messages positive? Negative? Depressed? Anxious? Sarcastic?

- A description of the pictures that were sent (for example by an on-device AI model)

- A transcript of any voice memos/videos

Raised elsewhere in this thread: hashes of media, maybe perceptive hashes sent and revived.

Read receipts.

User is typing indicators.

> perceptive hashes

And if you’re sending media they have on record that means they can look up the exact same media and still have it qualified as metadata