Mark Zuckerberg published a note on Facebook last night outlining his thoughts around privacy and social networking.

I find it a fascinating read for several reasons. It reads like an internal memo – or even a draft of an internal memo – in that he repeats himself (sometimes verbatim) several times within the note. The realizations he’s come to are surely far overdue. He, and Facebook, were usually ahead of the market on so many things – and on privacy they are far, far behind (on many of their platforms apart from WhatsApp). And given the mutilated reputation of Facebook it seems these adjustments are being forced upon them.

I also find it interesting that both Twitter and Facebook are swimming upstream trying to figure out what in the world to do. They are global communication networks, founded in the US, that are being used and abused in ways – and at scales – that simply have never been seen before. This is new territory and whatever our opinions of the company’s motivations, the job they have ahead of them is monumental and fraught with pitfalls. (see also, this interview with Jack Dorsey, Vijay Gadde, and Tim Pool)

I wanted to pull a few quotes out of Zuckerberg’s note to comment on them.

I understand that many people don’t think Facebook can or would even want to build this kind of privacy-focused platform — because frankly we don’t currently have a strong reputation for building privacy protective services, and we’ve historically focused on tools for more open sharing. But we’ve repeatedly shown that we can evolve to build the services that people really want, including in private messaging and stories.

I could spend a lot of time parsing every single word he writes. An example would be “open sharing”. Facebook is hardly open in the sense we use the term when we refer to the “open web“. What he means is “public”, I suppose. But I won’t spend the time parsing each word – you’ll have to take the context of the terms for what they are and balance them against what you know about Facebook.

That being said, it is compelling to think of Facebook making this large of a shift from public first to private and encrypted and ephemeral first.

People expect their private communications to be secure and to only be seen by the people they’ve sent them to — not hackers, criminals, over-reaching governments, or even the people operating the services they’re using.

My guess is that most people wouldn’t even think that Facebook can or would read their private messages to one another. But, as of today, they can (except on WhatsApp supposedly).

If you watch the aforelinked video you will see a portion where Joe Rogan asks Twitter’s Vijay Gadde if Twitter can read people’s private messages to one another. She responds “I don’t think so?”. Her role isn’t technical, so I do not blame her for not having a direct response (though, she probably should have prepared talking points for this). But I do blame Jack Dorsey for remaining mute. Which, to me is an admission by omission. Twitter can, and does, read private DMs.

Governments often make unlawful demands for data, and while we push back and fight these requests in court, there’s always a risk we’ll lose a case — and if the information isn’t encrypted we’d either have to turn over the data or risk our employees being arrested if we failed to comply. This may seem extreme, but we’ve had a case where one of our employees was actually jailed for not providing access to someone’s private information even though we couldn’t access it since it was encrypted.

This, too, is fascinating. Facebook hasn’t built in privacy from day one into their platform for the sake of the user’s that use it, but now they are considering it because they are starting to see that data as a liability. They need encryption as much or more so than their user base and that is the impetus of this change. Facebook’s interests are their own.

For example, messages could be deleted after a month or a year by default. This would reduce the risk of your messages resurfacing and embarrassing you later. Of course you’d have the ability to change the timeframe or turn off auto-deletion for your threads if you wanted. And we could also provide an option for you to set individual messages to expire after a few seconds or minutes if you wanted.

This paragraph is the one that reads, to me, like a “hey y’all, this would be a great idea right?” internal message to his product team. We could do this! Or this? Or maybe we could even do this?

Either way, it’d be a welcome change to Facebook no doubt.

Then Zuckerberg explains “interoperability” within Facebook’s messaging platforms. He describes being able to send a message to someone – and regardless of their platform of choice – they’d be able to receive and send messages back.

To me, this reads like he’s explaining email.

You can imagine many simple experiences like this — a person discovers a business on Instagram and easily transitions to their preferred messaging app for secure payments and customer support; another person wants to catch up with a friend and can send them a message that goes to their preferred app without having to think about where that person prefers to be reached; or you simply post a story from your day across both Facebook and Instagram and can get all the replies from your friends in one place.

This is email. Yes, there would be other features like video chat, audio calls, payments, etc. etc. But – by and large this is what email does. You can email someone and it doesn’t matter what service or app they are using – they can receive and send a message back and iit can be done securely if they chose to.

The entire note is fascinating to me and worth a read regardless of how you feel about Facebook. Make no mistake, what they end up implementing (or, not) from this new found desire for privacy will echo throughout the other services of the web. For better or worse Zuckerberg just moved the goal posts.