Over 90 organisations have signed an open letter to Slack urging the UC and collaboration company to introduce end-to-end encryption to its platform.
The letter claims that Slack is putting marginalised communities, human rights and climate activists, and political journalists at risk without the security provided by end-to-end encryption.
Among the organisations to have signed the letter so far are technology-focused nonprofits and communities such as Mozilla, the Open Data Charter and Tor, and civil and human rights groups like the Dangerous Speech Project, Reproductive Health Access Project, and the Lawyering Project.
The letter to Slack read:
We are businesses, organizations, communities, and individuals who depend on tools like Slack to connect online. We are activists organizing for change; journalists who communicate with sources and about sensitive stories; nonprofits providing care and support for our communities; companies that need to streamline our processes and share ideas; students, creators, gamers, alumni, artists, athletes, and other communities that use the Internet to connect with people all over the world.”
The shared concern of the letter’s coalition is that hackers and law enforcement agencies can access messages that aren’t encrypted without user authorisation. The letter also expressed worries over the absence of blocking and reporting tools available to Slack users to help protect them from abuse.
The letter asked Slack to introduce the option to enable end-to-end encryption for messages to protect users’ privacy and to implement blocking, muting and reporting features to help protect users from harassment.
The letter also said that communications platforms have become “a target for criminalising abortion seekers and providers after the reversal of Roe v Wade” in the United States, with many reproductive rights organisations signing the letter.
On Wednesday, lobbyists demonstrated outside Slack’s San Francisco offices and drove mobile billboards around the office with signs reading, “Slack isn’t safe”.
A Slack spokesperson has responded to the protests: “By default, Slack encrypts data at rest and data in transit for all of our customers. All our plans offer customisable retention settings, where customers can automatically delete messages and files after set periods of time. We also offer EKM (Enterprise Key Management), a security add-on for Slack Enterprise Grid that allows organisations to manage their own encryption keys using Amazon Key Management Service (KMS).”
The Slack spokesperson added that the business does not share customer data with government entities or third parties unless they’re “legally obligated to do so” and that they “challenge any unclear, overbroad, or inappropriate requests”.
“We’re always evaluating our security practices and the best options to protect data on Slack so that we meet our customers’ needs and provide an excellent product experience.”
What’s App and Signal are communication platforms that provide end-to-end encrypted messages currently. Meta has signalled a commitment to adopting encrypted messaging for Facebook Messenger, albeit it has yet to be formally implemented. Slack has presently no publicised plans to introduce encrypted messaging.
Slack’s Security Collaboration and AI Solutions
Slack’s messaging platform lacking end-to-end encryption is contentious. However, the vendor has collaborated to strengthen security elsewhere on its platform.
Slack is among the platforms for which cloud-based email security vendor Abnormal Security has launched new threat detection capabilities. Abnormal’s three new email-centric products are designed to help Slack users detect suspicious messages, remedy compromised accounts, and provide data and management services for security posture.
Slack has also made moves into AI. Earlier this month, Salesforce announced Slack GPT, a conversational AI tool to improve business productivity. The technology uses CRM and conversational data and incorporates AI features into Slack, generative AI app integrations, and the function to leverage customer insights through the Customer 360 and Data Cloud.
The launch of Slack GPT followed the release of Salesforce’s Einstein GPT. However, Slack GPT provides more advanced agent-assist innovations within the Service Cloud application than Einstien GPT.
Recently, Slack also rolled out Slack Canvas to improve real-time collaboration between teams in Slack channels via a new information-sharing hub. The intention is that Canvases will enable teams to spend more time working and less time searching for information.
