Google started offering users end-to-end encryption for the first time Wednesday with its new Allo instant messaging app. The move makes Google the latest company to follow a tech trend that has privacy advocates cheering, but some law enforcement officials worried.

Conversations in Allo are not automatically protected by that extra secure form of encryption, which allows only those who send and receive messages to unlock them. Rather, users can choose to have “incognito” conversations that feature the security measure, much like a system that Facebook is testing in its Messenger app. Other conversations in Allo are still encrypted between the app and Google’s servers, but that means the tech company will be able to access the content of those messages.

End-to-end encryption is becoming a standard feature for instant messaging apps. Other programs, including Apple’s iMessage and Facebook-owned Whatsapp, protect messages with end-to-end encryption by default.

Some law enforcement officials, most notably FBI Director James Comey, have warned that the spread of end-to-end encryption could help criminals and terrorists “go dark” because companies cannot access the content of the encrypted communications even when faced with a warrant.

Civil liberties advocates and technology experts, on the other hand, have generally praised the expansion of end-to-end encryption in consumer devices as a step forward for users’ privacy and cybersecurity. Some privacy and civil liberties advocates have criticized Google for its slow progress on the encryption front.

“Google is a day late and a dollar short,” said Johns Hopkins professor and cryptography expert Matthew Green. He also criticized Google for backing away from a privacy feature that was expected to be in Allo. When the company unveiled plans for the app, it said logs of users who were not in incognito mode would be de-identified and not permanently stored on its servers. But that’s not the case in the version of the app released Wednesday, which could leave Allo users’ intimate chats at risk of being subpoenaed.

The reason for the shift, according to the Verge, was to improve virtual assistant features built into the app. But Green sees the move as a sign that Google may be unwilling to depart from a business model built on harvesting user data to underpin its lucrative targeted ads market.

“If Google doesn’t see data, they feel that they don’t want to be in that business,” he said. “That’s fine, but customers should be aware that’s how they feel about it.”

While Allo is the first Google product with end-to-end encryption baked in, it isn’t the first time the company has tried to use the technology in its products. Two years ago the company announced plans for a browser plugin that would help Gmail users send and receive encrypted email. The plugin still hasn’t been released.