You could also have the law enforcement public key that was compelled to be installed in your correspondent's keyring, invisibly, re-encrypting all those messages for FB, LEA and IC. That way it's all "end-to-end encrypted" and a giant public messaging system can be selectively tapped by authorities. Everyone loses!
As of a few months ago[1] it seems like Facebook and other tech companies haven't complied with it yet. I think governments are still just pestering them about it.
It's a falsifiable assumption. Audit the binaries if you want to convince yourself. You will see code to generate and use keys locally, with no mechanism to fetch or share keys from a server.
Why are you so eager to trust an organization that has so often demonstrated it's not worthy of trust?
This is Facebook, for Pete's sake. The same company that conducted psychological experiments with zero clinical/ethical oversight by manipulating its users' feeds to see if it could cause depression/anxiety (or the opposite).
Facebook is evil and you should not trust them even a little bit.
The app can auto-update itself at any time and install some binaries that do share the key with the server; trust is virtue of every single thing the company (in this case FB) can do and auto-updates is one of them.
"When you report a secret conversation, recent messages from that conversation will be decrypted and sent securely from your device to our Help Team for review."
So they either have the keys or a way to force the client to decrypt.
Or it’s decrypted on your side, and you reporting it sends the decrypted form. How else would a “report” button work if not with unencrypted data? Not everything is a conspiracy.
Do they offer this service in Australia? Yes. Then they have the keys.