Bluesky — Policy Change
Executive Summary
Bluesky launched its Direct Messages feature without end-to-end encryption. The company disclosed that DMs are stored unencrypted and can be accessed by Bluesky staff for Trust and Safety investigations including spam and coordinated harassment. Privacy advocates warned users against sharing sensitive information via the feature. Bluesky stated encrypted messaging was planned but offered no firm timeline.
What Happened
On May 22, 2024, Bluesky launched a direct messaging feature that allows users to send private text messages to other users. The company disclosed that these messages are not end-to-end encrypted and are stored in a way that allows Bluesky's moderation team to access them when investigating issues like spam or coordinated harassment. While Bluesky stated it intends to support end-to-end encryption in the future, no specific timeline was provided for this enhancement.
Who Is Affected
All Bluesky users who send or receive direct messages through the platform are affected. By default, users can receive messages from people they follow, though settings can be adjusted to allow messages from everyone or no one. Users sharing sensitive information through DMs are particularly impacted since their messages can be accessed by Bluesky staff during Trust and Safety investigations.
Why It Matters
This launch represents a significant departure from privacy-focused messaging apps that offer end-to-end encryption by default, making Bluesky DMs similar to traditional social platforms where staff can access private messages. The absence of encryption means that unlike competitors prioritizing message privacy, Bluesky users must trust the company to access their messages only when necessary for safety investigations. The lack of a firm timeline for encryption implementation leaves users without clarity on when stronger privacy protections will be available.
What You Should Do
Avoid sharing sensitive, confidential, or personal information through Bluesky direct messages until end-to-end encryption is implemented. Review your DM settings in the Bluesky app to control who can message you, choosing between no one, only people you follow, or all users. If you need to share private information, use alternative messaging platforms that offer end-to-end encryption such as Signal or encrypted messaging features on other services.
AI-Assisted
Event summaries are generated by Claude AI from verified sources and reviewed by humans before publication.
Sources