Signal Data Collection: Difference between revisions

From Consumer_Action_Taskforce
added page
 
add ref
Line 1: Line 1:


Signal is a open source encrypted messaging service that is frequently recommended to highly vulnerable users such as human rights activists, whistleblowers, and journalists whose lives and/or freedom can depend on their ability to maintain private and secure communication. Since 2020 Signal has been collecting and keeping sensitive user data in the cloud while lying to their users about their data collection practices. Users and potential users of Signal have a right to know what data is being collected and how it is being stored and secured so that they make informed choices about the risks they are taking when using Signal.  
Signal is a open source encrypted messaging service that is frequently recommended to highly vulnerable users such as human rights activists, whistleblowers, and journalists whose lives and/or freedom can depend on their ability to maintain private and secure communication. Since 2020 Signal has been collecting and keeping sensitive user data in the cloud while lying to their users about their data collection practices. Users and potential users of Signal have a right to know what data is being collected and how it is being stored and secured so that they make informed choices about the risks they are taking when using Signal.  
Line 27: Line 26:
===Signal's response===
===Signal's response===


Signal was not convinced to abandon this data collection and they began to roll out the change in 2020 without clear communication about the new feature which resulted in a lot of confusion for users, many of whom only learned about this feature when they were promoted to create a PIN. There were many social media posts expressing confusion over what the feature was and what it was doing. Even years after the change was made some Signal users were/are still unsure about what data it was collecting or were/are convinced that Signal doesn't collecting any data at all<ref>{{Cite web |title=What info does Signal store about it's user? |url=https://old.reddit.com/r/signal/comments/q5tlg1/what_info_does_signal_store_about_its_user/ |archive-url=https://web.archive.org/web/20211011111619/https://old.reddit.com/r/signal/comments/q5tlg1/what_info_does_signal_store_about_its_user/ |archive-date=10/11/21}}</ref>  
Signal was not convinced to abandon this data collection and they began to roll out the change in 2020 without clear communication about the new feature which resulted in a lot of confusion for users, many of whom only learned about this feature when they were promoted to create a PIN. There were many social media posts expressing confusion over what the feature was and what it was doing. Even years after the change was made some Signal users were/are still unsure about what data it was collecting or were/are convinced that Signal doesn't collecting any data at all<ref>{{Cite web |title=What info does Signal store about it's user? |url=https://old.reddit.com/r/signal/comments/q5tlg1/what_info_does_signal_store_about_its_user/ |archive-url=https://web.archive.org/web/20211011111619/https://old.reddit.com/r/signal/comments/q5tlg1/what_info_does_signal_store_about_its_user/ |archive-date=10/11/21}}</ref><ref>{{Cite web |title=About data collection and data delivery |url=https://old.reddit.com/r/signal/comments/1id3xu8/about_data_collection_and_data_delivery/ |archive-url=https://web.archive.org/web/20250201072439/https://old.reddit.com/r/signal/comments/1id3xu8/about_data_collection_and_data_delivery/?ref=readnext |archive-date=02/01/25}}</ref>  


This confusion is understandable, since Signal's own website continues to state that they do not collect the information they are collecting. The first line of their "Terms & Privacy Policy" page reads: "Signal is designed to never collect or store any sensitive information."<ref>{{Cite web |title=Signal Terms & Privacy Policy |url=https://signal.org/legal/ |archive-url=https://web.archive.org/web/20250302122622/https://signal.org/legal/ |archive-date=03/02/25}}</ref>
This confusion is understandable, since Signal's own website continues to state that they do not collect the information they are collecting. The first line of their "Terms & Privacy Policy" page reads: "Signal is designed to never collect or store any sensitive information."<ref>{{Cite web |title=Signal Terms & Privacy Policy |url=https://signal.org/legal/ |archive-url=https://web.archive.org/web/20250302122622/https://signal.org/legal/ |archive-date=03/02/25}}</ref>
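
Review bot: In the changed paragraph of the "Line 27: Line 26:" hunk, the added citation ("About data collection and data delivery") gives archive-date=02/01/25, a numeric two-digit-year date that the rendered reference list flags with "Check date values in: |archive-date=" and that reads differently under day-first and month-first conventions. The archive-url timestamp 20250201072439 shows it is 1 February 2025, so write it as 2025-02-01. The same archive-url also ends in ?ref=readnext, which should be dropped, and the sentence being cited still reads "promoted to create a PIN" and "doesn't collecting" and ends without a period, which this edit would be a good place to fix.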

Revision as of 07:28, 6 March 2025

Signal is an open-source encrypted messaging service that is frequently recommended to highly vulnerable users such as human rights activists, whistleblowers, and journalists whose lives and/or freedom can depend on their ability to maintain private and secure communication. Since 2020 Signal has been collecting and keeping sensitive user data in the cloud while lying to their users about their data collection practices. Users and potential users of Signal have a right to know what data is being collected and how it is being stored and secured so that they can make informed choices about the risks they are taking when using Signal.

Background

Over the years Signal has curated a reputation that they do not collect or keep data on their users.

Signal has publicly disclosed that they have received legal requests for subscribers' names, telephone numbers, histories, and contacts, and Signal has said that they were unable to supply that information because it was never collected by Signal in the first place. These incidents have been reported in the media.[1]

Signal's website states[2]:

"We’ve designed the Signal service to minimize the data we retain about Signal users, so the only information we can produce in response to a request like this is the date and time a user registered with Signal and the last date of a user’s connectivity to the Signal service.

Notably, things we don’t have stored include anything about a user’s contacts (such as the contacts themselves, a hash of the contacts, any other derivative contact information), anything about a user’s groups (such as how many groups a user is in, which groups a user is in, the membership lists of a user’s groups), or any records of who a user has been communicating with."

Data collection begins

Signal's data collection practices changed in 2019 when Signal previewed a feature they called "secure value recovery".[3]

This new feature meant that Signal would start collecting the same kinds of information that Signal had been getting legal requests to turn over, and that Signal would permanently keep that data in the cloud. Their stated reason for doing this was so that if a Signal user got a new device they could install the app, enter a PIN, and the app would pull down the user's data from cloud servers.

The data being collected and stored in the cloud includes the user's name, photo, phone number, and a list of every Signal user they have contacted.[4]

This was a highly controversial change. Some Signal users objected on philosophical grounds[5], requesting that Signal instead provide a means to export encrypted backups that could be imported locally, eliminating any need to upload data to the cloud. Signal users also raised technical concerns about the security of the system and doubts that it would protect their data.[6] Some of these concerns were also shared by cybersecurity experts[7], and security researchers demonstrated that the system was vulnerable to attacks which allowed them to access the user data being stored.[8]

Signal's response

Signal was not convinced to abandon this data collection, and they began to roll out the change in 2020 without clear communication about the new feature. This resulted in a lot of confusion for users, many of whom only learned about the feature when they were prompted to create a PIN. There were many social media posts expressing confusion over what the feature was and what it was doing. Even years after the change was made, some Signal users were/are still unsure about what data it was collecting or were/are convinced that Signal doesn't collect any data at all.[9][10]

This confusion is understandable, since Signal's own website continues to state that they do not collect the information they are collecting. The first line of their "Terms & Privacy Policy" page reads: "Signal is designed to never collect or store any sensitive information."[11]

This lie is also repeated on their support page under the heading "How do I know my communication is private?"[12]

Nor is there any indication on Signal's older pages, which claim they don't collect this information, that the data collection policy discussed on those pages is now outdated.

Workarounds

While some social media posts and articles suggested that opting out of setting a PIN would prevent a user's data from being uploaded to the cloud, this is not the case. There is currently no way for a Signal user to prevent their data from being uploaded and stored in the cloud.[13]



References

  1. "FBI demands Signal user data, but there's not much to hand over". Archived from the original on 04/01/24.
  2. "Grand jury subpoena for Signal user data, Eastern District of Virginia". Archived from the original on 03/02/25.
  3. "Technology Preview for secure value recovery". Archived from the original on 12/28/24.
  4. "What contact info does the Signal PIN functionality actually save".
  5. "Don't want PIN, don't want anything stored in cloud". Archived from the original on 03/01/24.
  6. "Proper secure value security: PINs are too easy to brute force, SGX is not reliable enough". Archived from the original on 03/01/24.
  7. "Signal's New PIN Feature Worries Cybersecurity Experts". Archived from the original on 01/17/25.
  8. "SGX CacheOut SGAxe attack. Signal's cloud storage and contact discovery vulnerable". Archived from the original on 05/19/23.
  9. "What info does Signal store about it's user?". Archived from the original on 10/11/21.
  10. "About data collection and data delivery". Archived from the original on 02/01/25.
  11. "Signal Terms & Privacy Policy". Archived from the original on 03/02/25.
  12. "How do I know my communication is private?". Archived from the original on 02/14/25.
  13. "PSA: Disabling PINs will now upload nothing to the server". Archived from the original on 06/16/23.

