Federation is sometimes considered the system of the future. It’s not surprising, therefore, that federated chat services are becoming more popular in certain circles. Although their advantage is that they are not dependent on a single server operator, there are a number of major drawbacks in terms of security and privacy protection compared to centrally managed solutions.
As far as network topology is concerned, messaging services can be divided up into three general categories:
- Centralized Systems
  The majority of messaging services fall under this category. Each service has one single operator who is responsible for user registration and message processing.
- Federated Systems
  These systems consist of a network of servers from different operators. A federated system can include any number of servers.
- Peer-to-Peer Systems
  Peer-to-peer technology allows end devices to connect with one another directly without an intermediary server.
Peer-to-peer systems do not allow for asynchronous communication, meaning that both parties must be online at the same time in order to exchange messages. Due to this major limitation, there are very few peer-to-peer chat apps, and we will not discuss this system any further in this post. This leaves traditional, centrally managed services and federated services.
Federated services allow users to register with the server operator of their choice and send messages to users who are registered with any other operator. A protocol standard such as XMPP or Matrix ensures that messages can be exchanged across various operators.
The main advantage of federated systems is that the loss of one server operator does not significantly impact the overall system.
In our comprehensive comparison of communication tools for companies, we only consider centralized services like Beekeeper, Microsoft Teams, and Wire because these can be directly compared with one another, whereas solutions like Element and Teamwire are fundamentally different and, due to their decentralized architecture, involve certain drawbacks in terms of security and privacy protection.
More Servers, Less Control
With a centralized system, users only need to trust one server operator, i.e., the service provider itself. In Threema’s case, minimal trust is required because the service can be used anonymously and personal data such as contact lists and group memberships is managed directly on the users’ end devices, not on the central server.
In Matrix-based systems, a user must place a lot more trust in the operator of the home server (i.e., the server where the user is registered), especially because this server operator generally is able to view its users’ contact lists and group memberships.
What’s more, as soon as multiple servers are involved in the communication – which is the point of federated systems – all of the involved server operators can view the users’ communication behavior. Metadata (who communicates with whom and when, etc.) accumulates on every server with every message, and it is practically impossible for users to know for sure whether all of their data gets deleted as prescribed by modern data-protection laws.
Speaking of the law, it is nearly impossible for companies to communicate across servers from different operators in a legally compliant way: When messages are sent outside of a company’s in-house server, the personal data of the participants is processed by third parties. This would require the company to negotiate a data-processing agreement with each server operator in advance, which, of course, is not feasible in practice.
Little Innovation, Slow Development
Given the large number of servers involved, federated systems are associated with a host of other practical drawbacks. One example is what’s known as “protocol ossification”: new features need to be specified on the protocol level, implemented in clients, and then integrated on all servers in order to guarantee full compatibility. This makes the overall system sluggish and derails innovation.
The fact that federated systems do not encourage innovation is illustrated by good old email: it is also based on federation, and its development has basically been at a standstill for decades, while pressing issues like spam and phishing remain unaddressed. Moreover, end-to-end encryption cannot be applied in a user-friendly way, which is why most email communication is still only transport-encrypted, which allows server operators to read messages.
To sum up: Even though it is considered the system of the future by some, federation is nothing new. It comes with considerable drawbacks in terms of privacy, and instead of encouraging innovation, federation stifles it.