Consumer Rights Wiki - User contributions [en]

Positive practices

2025-08-07T00:49:54Z

Watermullins: added suggestion, tweaked wording

{{ToneWarning}}
Positive practices are pro-consumer business approaches that prioritize the interests, rights, and well-being of customers. They are designed to empower consumers, offer fairness, transparency, and value:
*;Transparency
::Clearly disclosing pricing, terms, conditions, and product information upfront.

*;Fair value
::Offering products/services at reasonable prices that match the value provided.

*;Consumer control and choice
::Giving customers genuine options, easy cancellation, ownership rights, and repair ability.

*;Longevity and durability
::Designing products to last and be repairable, reducing waste and repeat costs.

*;Respectful support
::Providing accessible, helpful, and fair customer service to resolve issues.

==Examples==
{| class="wikitable"
|+Common Positive Practices
!Practice
!Description
|-
|One-Time Purchase
|Offering a product or service for a single payment with no recurring fees for core functionality
|-
|Right to Repair
|Designing products to be repairable, and making parts, tools, manuals and software accessible
|-
|Transparent Pricing
|Clearly displaying the full price (including all mandatory fees/taxes) upfront in advertising or early during checkout
|-
|Fair Return Policy
|Offering easy returns, exchanges, or refunds within a reasonable timeframe
|-
|Clear Cancellation Policy
|Making it simple and straightforward for consumers to cancel subscriptions without hoops
|-
|Ownership Model
|Ensuring consumers own what they purchase, including the ability to use, modify, resell, or transfer the product freely
|-
|Honest Marketing
|Providing accurate information about products.
|-
|Proactive Customer Support
|Offering readily available support to identify and resolve issues efficiently.
|}
----

===Subscription or single purchase===
Subscriptions prioritize continuous access and updates, while one-time purchases emphasize upfront ownership.

====One-time====
:A single payment granting permanent ownership or access to a physical product or lifetime software license.
::Positives<ref name=":SubOne">{{Cite web |last=Fernandes |first=Lauren |date=February 6, 2024 |title=Consumer Outlook 2024 |url=https://nielseniq.com/global/en/insights/report/2024/consumer-outlook-2024-6-consumer-sentiment-driven-strategies-to-drive-growth-and-capture-spending/ |website=Nielsen IQ }}</ref><ref name=":SubTwo">{{Cite web |last=Goodbread |first=Justin |date=October 27, 2023 |title=The Truth About Recurring Revenue |url=https://www.forbes.com/councils/forbesfinancecouncil/2023/10/27/the-truth-about-recurring-revenue/ |website=Forbes }}</ref>
::*No long-term financial commitment required.
::*No ongoing costs allows customers to avoid recurring fees.
::*The users retains access indefinitely without dependency on the provider.
::Negatives<ref name=":SubOne"></ref><ref name=":SubTwo"></ref>
::*Higher initial cost may deter budget-conscious buyers.
::*Limited updates and future improvements may require additional purchases.
::*Businesses rely on new sales for sustained income.

====Subscription====
:Recurring monthly or annual payments provide ongoing access to a product or service.
::Positives<ref name=":SubOne"></ref><ref name=":SubTwo"></ref>
::*Lower entry cost spreads payments over time, making services more accessible.
::*Subscribers receive continuous updates, ongoing improvements, and support.
::*Businesses get a predictable revenue stream from recurring payments.
::Negatives<ref name=":SubOne"></ref><ref name=":SubTwo"></ref>
::*Long-term cost may become more expensive over time than a one-time purchase.
::*Ongoing commitment requires active cancellation to stop payments.
::*Subscription fatigue may cause consumers to feel overwhelmed by multiple recurring charges.

====Considerations for subscription plans====

*Does this service update frequently or at least within the subscription timeframe?
*How long will I be needing this service, and will it be compatible with me for that amount of time?

====Considerations for one-time purchases====

*Will I need this for more than a single month (or subscription period)?
*How soon will this product become redundant or outdated? Is it an annual subscription in disguise?

===Offline product vs. online services for digital goods===
Services that run exclusively online innately allow the company to maintain greater control over how their products operate and are received. This form of control can lead to changes in the product that can improve it, but can otherwise also introduce a myriad of issues such as incompatibility and the removal of functionality. Digital goods that are completely operational offline allow the consumer to decide how long those goods will be used. As long as the downloaded product can be stored and correctly rendered, it has no expiration.

====Considerations for online services====

*Is this product made for online connectivity and interaction?
**Example: Online social games such as ''World of Warcraft''
*Is this product more secure online?
*Is required online connectivity an artificial constraint or is it legitimately necessary for the product's functionality?
*How likely am I to maintain an internet connection to this service?
*Can this service alter itself into an incompatible state? Can this service remove functionality that I need?
*Is this service distributed from a centralized organization?
**If so, is there legislation and effective enforcement in said organization's location that protects me from malicious practices with my data?

====Considerations for offline products====

*Will I be able to effectively download and store this?
*Does the product contain intrusive DRM protections?
*Does it have any dependencies, and can those dependencies become redundant?
**Example: Products designed for a limited set of operating systems that may become outdated

===Source availability===
Oftentimes companies will not provide or [[security through obscurity|actively obscure]] details about how a product works. This exacerbates the potential pitfalls mentioned above, but when information is provided it can eliminate many of them.

====Considerations for physical goods====

*Does the product provide schematics?
*Are parts available?
**This helps product longevity by making repair easier, regardless of who performs the repair.
*Are there anti-repair measures in place?

====Considerations for digital goods====

*Is the source code available?
**This can allow patches if unwanted updates are pushed or support is dropped.
*Are there [[DRM]] measures in place?

[[Category:Common terms]]
<references />

Signal cloud backups

2025-08-07T00:04:05Z

Watermullins: improved tone neutrality tone in intro segment

{{ToneWarning}}

Signal is an open source encrypted messaging service that is frequently recommended to highly vulnerable users such as human rights activists, whistleblowers, and journalists whose lives and/or freedom can depend on their ability to maintain private and secure communication.

Though they maintain a public image as a company with user-centric and minimal data collection practices, starting in 2020 Signal began quietly collecting and storing sensitive user data on their cloud database. Signal's changes to what data is collected and how it is stored were made without obtaining user consent. For a service that is trusted by users in privacy-critical situations, they have failed to allow current and prospective users to make informed choices about the risks they are taking when using Signal.

==Background==
Over the years Signal has curated a reputation that they do not collect or keep data on their users.

Signal has publicly disclosed that they have received legal requests for subscriber's names, telephone numbers, histories, and contacts and Signal has said that they were unable to supply that information because it was never collected by Signal in the first place. These incidents have been reported in the media.<ref>{{Cite web |title=FBI demands Signal user data, but there’s not much to hand over |url=https://arstechnica.com/tech-policy/2016/10/fbi-demands-signal-user-data-but-theres-not-much-to-hand-over/ |archive-url=https://web.archive.org/web/20240401002649/https://arstechnica.com/tech-policy/2016/10/fbi-demands-signal-user-data-but-theres-not-much-to-hand-over/ |archive-date=1 Apr 2024 |access-date=6 Mar 2025}}</ref>

Signal's website states:<ref name=":0">{{Cite web |title=Grand jury subpoena for Signal user data, Eastern District of Virginia |url=https://signal.org/bigbrother/eastern-virginia-grand-jury/ |archive-url=https://web.archive.org/web/20250302042109/https://signal.org/bigbrother/eastern-virginia-grand-jury/ |archive-date=2 Mar 2025 |access-date=6 Mar 2025}}</ref>

''"We’ve designed the Signal service to minimize the data we retain about Signal users, so the only information we can produce in response to a request like this is the date and time a user registered with Signal and the last date of a user’s connectivity to the Signal service.''

''Notably, things we don’t have stored include anything about a user’s contacts (such as the contacts themselves, a hash of the contacts, any other derivative contact information), anything about a user’s groups (such as how many groups a user is in, which groups a user is in, the membership lists of a user’s groups), or any records of who a user has been communicating with."''

==Data collection begins==
{{DisputedInline|reason=see further notices in this section, section title is misleading|Misleading section title}}

Signal's data collection practices changed in 2019 when Signal previewed a feature they called "secure value recovery".<ref>{{Cite web |title=Technology Preview for secure value recovery |url=https://signal.org/blog/secure-value-recovery/ |archive-url=https://web.archive.org/web/20241228040757/https://signal.org/blog/secure-value-recovery/ |archive-date=28 Dec 2024 |access-date=6 Mar 2025}}</ref>

This new feature meant that Signal would start collecting the same kinds of information that Signal had been getting legal requests to turn over, and that Signal would keep that data in the cloud.{{DisputedInline|reason=feature does not store user data in the cloud like other messaging apps|Misrepresents the new feature as storing user's data to cloud servers}} Their stated reason for doing this was so that if a Signal user got a new device they could install the app, enter a pin, and the app would pull down the user's data from cloud servers.

The data being collecting and stored in could includes: The user's name, photo, phone number, and a list of every Signal user they have contacted.<ref>{{Cite web |title=What contact info does the Signal PIN functionality actually save |url=https://community.signalusers.org/t/what-contact-info-does-the-signal-pin-functionality-actually-save/16854/4 |access-date=6 Mar 2025}}</ref>{{DisputedInline|reason=contact discovery on Signal is private and does not share the phone number as explained later in the cited sources|Cited source is heavily cherry picked}} Note that the messages are not saved in the cloud.

This was a highly controversial change, and some Signal users objected on philosophical grounds,<ref>{{Cite web |title=Don’t want PIN, don’t want anything stored in cloud |url=https://community.signalusers.org/t/dont-want-pin-dont-want-anything-stored-in-cloud/14057 |archive-url=https://web.archive.org/web/20240301015109/https://community.signalusers.org/t/dont-want-pin-dont-want-anything-stored-in-cloud/14057 |archive-date=1 Mar 2024 |access-date=6 Mar 2025}}</ref><ref>{{Cite web |title=PIN, cloud storage are showstoppers |url=https://old.reddit.com/r/signal/comments/ghsj5b/pin_cloud_storage_are_showstoppers/}}</ref><ref>{{Cite web |title=Forced PIN, bite it Signal |url=https://old.reddit.com/r/signal/comments/hkle3d/forced_pin_bite_it_signal/}}</ref><ref>{{Cite web |title=Welcome to the cloud Signal users! |url=https://old.reddit.com/r/signal/comments/hkl914/welcome_to_the_cloud_signal_users/}}</ref> requesting that Signal instead provide a means to export encrypted backups that could be imported locally eliminating any need to upload data to the cloud. Signal users also raised technical concerns about the security of the system and doubts that it would protect their data.<ref name=":1">{{Cite web |title=Proper secure value security: PINs are too easy to brute force, SGX is not reliable enough |url=https://community.signalusers.org/t/proper-secure-value-security-pins-are-too-easy-to-brute-force-sgx-is-not-reliable-enough/15096 |archive-url=https://web.archive.org/web/20240301015110/https://community.signalusers.org/t/proper-secure-value-security-pins-are-too-easy-to-brute-force-sgx-is-not-reliable-enough/15096 |archive-date=1 Mar 2024 |access-date=6 Mar 2025}}</ref> Some of these concerns were also shared by cybersecurity-experts<ref name=":2">{{Cite web |title=Signal’s New PIN Feature Worries Cybersecurity Experts |url=https://www.vice.com/en/article/signal-new-pin-feature-worries-cybersecurity-experts/ |archive-url=https://web.archive.org/web/20250117232443/https://www.vice.com/en/article/signal-new-pin-feature-worries-cybersecurity-experts/ |archive-date=17 Jan 2025 |access-date=6 Mar 2025}}</ref><ref name=":3">{{Cite web |title=Signal Going to Cloud? A Discussion with Sean O'Brien |url=https://www.youtube.com/watch?v=PFi-VI7_T3o}}</ref><ref name=":4">{{Cite web |title=Does Signal’s “secure value recovery” really work? |url=https://palant.info/2020/06/16/does-signals-secure-value-recovery-really-work/}}</ref> and security researchers demonstrated that the system was vulnerable to attacks which allowed them to access the user data being stored.<ref>{{Cite web |title=SGX CacheOut SGAxe attack. Signal’s cloud storage and contact discovery vulnerable |url=https://community.signalusers.org/t/sgx-cacheout-sgaxe-attack-signals-cloud-storage-and-contact-discovery-vulnerable/14892 |archive-url=https://web.archive.org/web/20230519115856/https://community.signalusers.org/t/sgx-cacheout-sgaxe-attack-signals-cloud-storage-and-contact-discovery-vulnerable/14892 |archive-date=19 May 2023 |access-date=6 Mar 2025}}</ref>{{DisputedInline|reason="In recent weeks, Signal has introduced more features that make it more user friendly to people who may not have extremely paranoid threat models. For example, it’s now possible to migrate all Signal data, including message history, from one phone to another, using a feature that does not rely on cloud servers and is also encrypted, according to Signal. "|Cited vice article explains more nuance}}

There were also complaints specific to the implementation of the new pin feature<ref>{{Cite web |title=An terrible experience with Signal PIN |url=https://old.reddit.com/r/signal/comments/hkbyzu/an_terrible_experience_with_signal_pin/}}</ref><ref name=":5">{{Cite web |title=Can someone explain this new PIN system? |url=https://old.reddit.com/r/signal/comments/ggty6n/can_someone_explain_this_new_pin_system/}}</ref>, for example how often it required users to re-enter their PIN, or how it would make it harder to convince friends and family to use the app, but ultimately the problem is that Signal's new data collection practices introduced new risks for Signal users that didn't exist before.<ref name=":1" /><ref name=":2" /><ref name=":3" /><ref name=":4" /> Signal's failure to update their website/privacy policy means that Signal users, including those who are diligent enough to check over Signal's privacy policy, can still be left unaware of Signal's change in data collection practices and the new risks introduced by it, leaving them deprived of the opportunity to decide for themselves if the risks of using Signal are acceptable for them in their circumstances.

===Signal's response===

Signal was not convinced to abandon this data collection and they began to roll out the change in 2020 without clear communication about the new feature.<ref>{{Cite web |title=Mandatory PIN without clear explanation within the app might cause significant number of users to quit using Signal |url=https://community.signalusers.org/t/mandatory-pin-without-clear-explanation-within-the-app-might-cause-significant-number-of-users-to-quit-using-signal/11597}}</ref><ref name=":6" /><ref name=":5" /><ref>{{Cite web |title=I don’t understand what the new PIN requirement is for |url=https://community.signalusers.org/t/i-don-t-understand-what-the-new-pin-requirement-is-for/13895}}</ref><ref name=":7" />{{DisputedInline|reason=tone|Tone is inappropriate}}{{DisputedInline|Misrepresents PIN feature as it is optional and not properly explained|reason=include the response to the hysteria and a proper explanation of the feature}} It resulted in a lot of confusion for users, many of whom only learned about this feature when they were prompted to create a PIN. There were many social media posts expressing confusion over what the feature was and what it was doing.<ref>{{Cite web |title=What contact info does the Signal PIN functionality actually save? |url=https://community.signalusers.org/t/what-contact-info-does-the-signal-pin-functionality-actually-save/16854}}</ref><ref>{{Cite web |title=Following user backlash, Signal lowers one of its drastic PIN measures |url=https://www.androidpolice.com/2020/05/29/many-signal-users-arent-happy-with-new-pin-requirements/}}</ref> <ref name=":6">{{Cite web |title=What exactly is Signal protecting with the mandatory PIN? |url=https://old.reddit.com/r/signal/comments/hymlfd/what_exactly_is_signal_protecting_with_the/}}</ref> Even years after the change was made some Signal users were/are still unsure about what data Signal collects or were/are convinced that Signal doesn't collect any data at all.<ref>{{Cite web |title=What info does Signal store about it's user? |url=https://old.reddit.com/r/signal/comments/q5tlg1/what_info_does_signal_store_about_its_user/ |archive-url=https://web.archive.org/web/20211011111619/https://old.reddit.com/r/signal/comments/q5tlg1/what_info_does_signal_store_about_its_user/ |archive-date=11 Oct 2021 |access-date=6 Mar 2025}}</ref><ref>{{Cite web |title=About data collection and data delivery |url=https://old.reddit.com/r/signal/comments/1id3xu8/about_data_collection_and_data_delivery/ |archive-url=https://web.archive.org/web/20250201072439/https://old.reddit.com/r/signal/comments/1id3xu8/about_data_collection_and_data_delivery/?ref=readnext |archive-date=1 Feb 2025 |access-date=6 Mar 2025}}</ref>

This confusion is understandable,{{DisputedInline|reason=tone|Tone is inappropriate}} since Signal's own website continues to state that they do not collect the information they are collecting. The first line of their "Terms & Privacy Policy" page reads: "Signal is designed to never collect or store any sensitive information."<ref>{{Cite web |title=Signal Terms & Privacy Policy |url=https://signal.org/legal/ |archive-url=https://web.archive.org/web/20250302122622/https://signal.org/legal/ |archive-date=2 Mar 2025 |access-date=6 Mar 2025}}</ref>

This lie{{DisputedInline|reason=tone|Tone is inappropriate}} is also repeated on their support page under the heading: How do I know my communication is private<ref>{{Cite web |title=How do I know my communication is private? |url=https://support.signal.org/hc/en-us/articles/360007318911-How-do-I-know-my-communication-is-private |archive-url=https://web.archive.org/web/20250214030028/https://support.signal.org/hc/en-us/articles/360007318911-How-do-I-know-my-communication-is-private |archive-date=14 Feb 2025 |access-date=6 Mar 2025}}</ref>

There is no indication on Signal's older pages, which claim they don't collect this information, that the data collection policy discussed on those pages is now outdated either. Examples include:

''"Signal is designed to never collect or store any sensitive information. " - https://support.signal.org/hc/en-us/articles/360007059412-Signal-and-the-General-Data-Protection-Regulation-GDPR''

''"The Signal service does not have any knowledge of your contacts. Data is all owned by your phone." - https://support.signal.org/hc/en-us/articles/360007061452-Does-Signal-send-my-number-to-my-contacts''

''"In addition to the end-to-end encryption that protects every Signal message, the Signal service is designed to minimize the data that is retained about Signal users. By design, it does not store a record of your contacts, social graph, conversation list, location, user avatar, user profile name, group memberships, group titles, or group avatars." - https://signal.org/blog/sealed-sender/''

''"Notably, things we don’t have stored include anything about a user’s contacts (such as the contacts themselves, a hash of the contacts, any other derivative contact information), anything about a user’s groups (such as how many groups a user is in, which groups a user is in, the membership lists of a user’s groups), or any records of who a user has been communicating with." - https://signal.org/bigbrother/eastern-virginia-grand-jury/''

''"Because we’ve built Signal to completely avoid storing any sensitive information...." - https://signal.org/blog/looking-back-as-the-world-moves-forward/''

''Requests have been mad''e for Signal to update their policy following the change in data collection.<ref>{{Cite web |title=Can Signal please update its Privacy Policy |url=https://community.signalusers.org/t/can-signal-please-update-its-privacy-policy/15323 |archive-url=https://web.archive.org/web/20230519120053/https://community.signalusers.org/t/can-signal-please-update-its-privacy-policy/15323 |archive-date=19 May 2023 |access-date=6 Mar 2025}}</ref><ref>{{Cite web |title=Signal’s Terms of Use and Privacy Policy are not very user friendly |url=https://community.signalusers.org/t/signals-terms-of-use-and-privacy-policy-are-not-very-user-friendly/11047 |archive-url=https://web.archive.org/web/20250306164621/https://community.signalusers.org/t/signals-terms-of-use-and-privacy-policy-are-not-very-user-friendly/11047 |archive-date=6 Mar 2025 |access-date=6 Mar 2025}}</ref>

'''Workarounds'''

While some social media posts and articles suggested that opting out of setting a pin would prevent a user's data from being uploaded to the cloud, this is not the case. <ref>{{Cite web |title=A few thoughts about Signal’s Secure Value Recovery |url=https://web.archive.org/web/20200712205333/https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/}}</ref> When a Signal user sets a pin, their data is uploaded to the cloud and secured using SVR, however when a user chooses to "opt-out", a pin is automatically created for them instead, their data is encrypted and then uploaded to Signal's Storage Service. User who "opt-out" won't know the pin that was created for them, will not be able to use SVR to recover their profile and contact info on a new device, but the data is uploaded to the cloud regardless. There is currently no way for a Signal user to prevent their data from being uploaded and stored in the cloud.<ref name=":7">{{Cite web |title=PSA: Disabling PINs will now upload nothing to the server |url=https://old.reddit.com/r/signal/comments/htmzrr/psa_disabling_pins_will_now_upload_nothing_to_the/ |archive-url=https://web.archive.org/web/20230616082821/https://old.reddit.com/r/signal/comments/htmzrr/psa_disabling_pins_will_now_upload_nothing_to_the/ |archive-date=16 Jun 2023 |access-date=6 Mar 2025}}</ref>

==References==
{{reflist}}
[[Category:Signal messenger]]