Why I told my friends to stop using WhatsApp and Telegram
Romain Aubert
9.3K146

Technically, it’s a very interesting read. But the advice “switch to Signal because PRIVACY” really makes me sigh because — in my opinion — it’s stunningly out of touch with the needs of many messaging users — certainly with mine.

First of all, I’d argue that the matter of privacy is not binary. It’s not about either having full privacy or having none. There’s a curve. And I don’t think that 100% black-ops-style privacy and good enough privacy are the same. Most people would be fine with good enough privacy.

Personally, my favorite messaging service is iMessage. It’s very secure, and Apple goes to incredible lengths to balance security and comfort (i.e. asymmetric encryption plus multiple device support). But I guess they have access to the encryption keys, so I have to trust them in this regard. However, all of their conduct, and their public focus on privacy give me good reason to indeed trust them. So, privacy seems to be very good there, and more than good enough in my opinion. Yes, they do log metadata for 30 days. In contrast Google Allo, or WhatsApp until like a year ago, are shockingly insecure which is why I wouldn’t feel comfortable using them. I do use Facebook Messenger extensively, but mainly because its comfort features are so vastly superior to anything else, and because I’m sharing lots of stuff on Facebook anyway. I do wish they’d at least have end-to-end encryption, though.

Anyway, the point is: there are a lot of shades between 100% privacy and 0% privacy. More importantly, between 100% security and 0% security — if the service provider (and theoretically the government by extension) can read my stuff that’s bad, but hackers being able to would be far worse. With Facebook for example, I believe my data is so valuable to them that they won’t store it in an unencrypted text file like Sony did. But even with the metadata I don’t really see a problem. That’s how phones work too, isn’t it? Phone providers can log timestamps and numbers. Your examples of sex hotlines and suicide hotlines is a very colorful, but ultimately over exaggerating dramatization. Those are special, single-topic hotlines. If you just call normal people, there isn’t much context left in the meta data. I’m fine with that logging, and I think many people would be, too. Which is my point: the privacy just needs to be good enough.

At the same time, there are other factors for why people use specific messaging clients. I for one wouldn’t even dream of using Signal, because frankly the user experience is crap: instead of a user profile, I need a phone number. If there is one thing I want to carry over from the old 19th century analog world, it’s random ten-digit numbers! Signal is said to run on iOS and Android, but really, it only runs on iPhone and Android, because there is no actual iPad support (and most likely no Android tablet support, either). Desktop support is as crippled as it is for WhatsApp: a tethered web client. In short, Signal is a single-device messaging service that’s basically mobile-only; and it’s based on archaic phone numbers. No, thanks! And I haven’t even checked whether they support stickers or GIFs or apps. Comfort and user experience are not optional, they are critical! Good enough privacy is luckily becoming more and more important; but 100% privacy is a proposition that you can’t see, and that in almost any real-world scenario won’t make any difference at all. Good luck trying to convince people.