Google's dangerous move

A new update on Pixel allows administrators to manage internal messages. Photo: Google .

According to Android Authority , Google is rolling out RCS archiving, a feature that allows employers to block or archive conversations on company-managed devices. Simply put, superiors can now read RCS messages in Google Messages, even if they are end-to-end encrypted.

This only applies to company-managed devices and does not affect personal phones. For industries with strict regulations, this feature simply supplements the existing SMS storage mechanism.

Unlike email, employees in typical companies view text messaging as a more informal form of communication between colleagues, not requiring excessive formality when sending messages to their boss, especially when these messages are end-to-end encrypted to ensure privacy. That's no longer true.

According to Forbes , users have a common misunderstanding about end-to-end encryption. This mechanism only protects messages during transmission, but once they are in the phone, they are decrypted and anyone who controls the device can access them.

Google says this is “a reliable message archiving solution, powered by Android, and backward compatible with both SMS and MMS.” Employees will see a clear notification on their device whenever archiving is enabled.

This could make employees less enthusiastic about using company-issued smartphones. Because it's not just strictly managed professions; any organization can enable this feature.

The feature is being rolled out on Google Pixel and other compatible Android Enterprise devices. Employees will be able to take full advantage of RCS, such as showing login and viewed status, and end-to-end encryption between Android devices, while ensuring the organization meets compliance requirements, Google said.

However, according to Forbes, there have long been concerns that employees are turning to "shadow IT" platforms to communicate with colleagues, particularly WhatsApp and Signal. This new update certainly doesn't improve that situation.

Previously, Microsoft also sparked controversy by notifying users whenever an employee was not working. Specifically, in the Microsoft 365 Roadmap update, when users connected to the company's Wi-Fi, the system would display their location to indicate where they were working.

Cybersecurity News argues that this method bypasses recent security enhancements, creating risks of lateral movement within systems and data leaks in enterprise environments. These access codes allow for identity spoofing, such as sending Teams messages or emails on behalf of the victim, phishing attacks, or maintaining access.