Element, a new messaging platform with end-to-end encryption, is used by spies, politicians and a selection of government agencies around the world. It markets itself as a decentralised and secure alternative to WhatsApp, Slack and Zoom. The startup has just announced $30m in new funding and is looking to scale up.
However, Element’s new Series B raise comes against a background of conflict as many security agencies want all messaging platforms to include backdoors for law enforcement agencies. At the same time, Element is collaborating closely with Twitter’s founder as it works on ways to combat extremism and unwanted content on its platform. Thematic research from GlobalData estimates that data privacy will become a hot button topic for tech companies in the years to come as governments around the world are increasingly introducing new regulations to protect people’s private information.
End-to-end encryption: Enter the Matrix
Element is based on Matrix, an open-source network for decentralised communication with end-to-end encryption baked in. Matthew Hodgson and Amandine Le Pape first dreamed up the concept back in 2014. Today, they serve as Element’s CEO and COO, respectively.
At the time they were running Israel-headquartered Amdocs’ unified communications division together, which Hodgson describes as “a great way to learn how to run a business and build clones of Skype and WhatsApp.
“In the end it was a little frustrating and we came up with Matrix as a, should we say, a bit of a rebound from building services for the telecoms industry for many years,” he tells Verdict.
The idea behind Matrix came when they wondered why there wasn’t an open-source messaging and communication tool on the web. While anyone could easily build internet startups a la Google, Hodgson and Le Pape felt the same kind of easy tools didn’t exist for video and messaging. In 2014, they decided to do something about it and launched the Matrix.org Foundation, the “non-profit guardian of the standard”.
“Matrix is the missing communication layer for the open web,” Hodgson claims. “It is aimed at creating an industry with the same vibrancy and excitement and anarchism that you get on the open web, except it’s focused on communication rather than web apps and that sort of thing.”
Element, which was called Vector back then when it was still in beta, is the profit-making company created to fund the development of Matrix. The project was incubated with Amdocs for three years before it was spun out as a company on its own, a decision based to some extent on recruitment issues.
“We really needed to be able to hire the right calibre of people and they don’t necessarily want to go work for a 20,000-person multinational,” Le Pape tells Verdict.
When they spun out Vector they changed the name to Riot. One of the startup’s early successes came soon thereafter when Emmanuel Macron was elected as the president of France. At the time, Macron’s team were running all their communications on either Whatsapp or on Telegram.
“The government security team said that’s not great to have all our data stored either in Russia or in the US, we need something that we can host yourself and we can control,” Le Pape claims.
They turned to the Riot team, asking for help to build a decentralised communications solution based on Matrix. The final solution was released in 2019 and was named Tchap. Each department runs and controls its own server, meaning they have more control over their own security. At the same time, Tchap enables government workers to chat and message with employees at other departments. Today, over 300,000 workers use it.
“It’s been a great success,” Le Pape says.
Following the success of Tchap, other government bodies have reached out to the startup to help them create similar apps. Today, its clients include Germany’s education and public administration systems, its armed forces and governmental bodies in the US and in the UK.
To reflect the change, Riot renamed itself to Element in 2020.
“It was a bit hard to sell an app called Riot to the Department of Emergency Services,” Le Pape notes.
Now, Element expects more organisations and businesses will look to adopt Matrix-based solutions.
In their Element
Covid-19 has made the need for secure communications tools evident. The pandemic forced everyone from Facebook to Salesforce to embrace remote working. As they did, they needed safe ways to keep their teams together. Many of them resorted to using Zoom and Slack. However, Hodgson doesn’t regard that as a good solution.
“Ask Electronic Arts what’s wrong with Slack,” he says, referring to the well-documented breach where attackers gained access to EA’s Slack and convinced an employee to given them access to the company’s network. In the end, the hackers absconded with the source code for EA’s proprietary Frostbite game engine, which is used to run many other high-profile games.
“Slack is unencrypted,” Hodgson continues. “It has no end-to-end encryption, you have no way to verify that the people you’re talking to are actually your colleagues.”
Similarly, he believes anyone using Facebook-owned apps like Messenger or Whatsapp will sooner or later find their data being used for advertisement purposes.
“It’s just a disaster to be handing all of that information over to Facebook,” he claims.
In contrast, Element’s decentralised approach, where each organisation is in control of its own servers and using end-to-end encryption throughout, allows it to claim stronger cybersecurity than many of its counterparts.
Patel’s backdoor problem
End-to-end encryption has long been a hot-button issue for communications services. Zoom found itself facing a massive backlash at the start of the pandemic after the video conferencing app said it would enable it, but only for paying customers. It subsequently did a complete U-turn and has delivered end-to-end encryption for all users since October last year. Microsoft Teams followed suit in March.
The reason why customers like end-to-end encryption is because even if someone has access to the infrastructure connecting users, they cannot eavesdrop on messages or calls.
However, to some politicians, that’s a problem. In the UK, for instance, home secretary Priti Patel has called for companies like Facebook to provide law enforcement and national-security agencies with digital backdoors so that they can better protect the public from criminals and terrorists.
“I think it’s fairly clear the backdoors are a catastrophically stupid idea, because they let the bad guys in,” says Hodgson.
He compares it to an incident in 2016 when security experts got access to the TSA’s master keys, meaning they could cut or 3D-print keys that would allow them to open every suitcase in the world.
“It’s just a fundamentally stupid idea,” Hodgson says. “You can see why a perhaps not very technologically literate politician might propose it as a way to keep everybody safe, but frankly, there are much much more sophisticated ways of policing the world.”
Instead, he argues that law enforcement should try to gain access to these networks in other ways.
“If you think people are doing bad stuff on the internet, you should go and hang out with them undercover and see whether they are doing bad stuff or not,” Hodgson says.
He also finds it hypocritical for lawmakers to argue for weaker cybersecurity for ordinary users given that several government organisations use Matrix-based solutions.
“So it’d be completely hypocritical of the same government to turn around and tell us that actually, we have to undermine our encryption offer. Frankly, it’d be alarming if it’s, ‘Hey, you have to undermine it for the citizens, but it’s okay for the citizens who happen to have been elected to be politicians to have access to proper security,’” he says.
Nevertheless, Element does have a problem with bad people. Matrix is used by far-right, Jihadists and Incel communities.
Hodgson says that on a public network with 35 million people on it spread across 76,000 servers, “there is a definite risk of people” using the encryption “for bad stuff.”
He notes that on the Element side of the business, the company has a devoted team in place to find any potentially criminal content and to work with authorities to get it sorted.
On the open Matrix side, things are a bit trickier.
“We can’t stop people from using it,” Hodgson says. “Just like Tim Berners-Lee can’t stop ISIS using the web, or Vint Cerf can’t stop Isis using the internet, we can’t stop the bad guys going and using Matrix.”
What they can do is to enable users to make sure they never get in contact with the kind of content they don’t want to get in contact with.
Matrix is currently working with Twitter’s “bluesky” initiative. It essentially allows users to rank how much they trust different users. The higher the rank, the more visible they are.
“It’s literally allowing you to go and get rid of things which are evil,” Hodgson says.
Matrix is working in in close collaboration with Twitter founder and CEO Jack Dorsey.
“Jack is very much on the same page as us on this and we’ve had a bunch of calls with him basically brainstorming it through,” Hodgson says.
Element’s $30m Series B
Element has raised its $30m Series B round in order to work on these issues and in order to scale the company.
Skype co-founder Jaan Tallinn supported the round via his Metaplanet investment fund. Other investors include Protocol Labs, Automattic and Notion.
“When communication is centralised it becomes a very appealing target for abuse; whether that’s through propaganda, surveillance, censorship or worse,” Tallinn says. “Consumers need rescuing from surveillance capitalism, and organisations need a secure neutral way to communicate. Matrix is the most advanced platform to provide that missing communication layer.”
Hodgson is happy to have the investors onboard, saying it will enable Matrix to achieve its goals and to fight back harder against abuse and hate.
Element will also increase its focus on enterprises, maturing its Matrix-hosting business and ensuring Element is ready for peer-to-peer Matrix. It will also further develop Matrix, including peer-to-peer, a decentralised reputation system, encrypted VoIP and refining end-to-end encryption.