Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encryption App Signal Wins Fight Against FBI Subpoena and Gag Order (dailydot.com)

Posted by BeauHD on from the nothing-to-see-here dept.

An anonymous reader quotes a report from The Daily Dot: Signal, widely considered the gold standard of encrypted messaging apps, was put to the test earlier this year when a FBI subpoena and gag order that demanded a wide range of information on two users resulted in a federal grand jury investigation in Virginia. The makers of Signal, Open Whisper Systems, profoundly disappointed law enforcement. The app collects as little data as possible and therefore was unable to hand anything useful over to agents. "That's not because Signal chose not to provide logs of information," ACLU lawyer Brett Kaufman told the Associated Press. "It's just that it couldn't." "The Signal service was designed to minimize the data we retain," Moxie Marlinspike, the founder of Open Whisper Systems, told the New York Times. The subpoena came with a yearlong gag order that was successfully challenged by the American Civil Liberties Union. Signal's creators challenged the gag order as unconstitutional, "because it is not narrowly tailored to a compelling government interest." The challenge was successful. In addition to being popularly considered the best consumer encrypted messaging app available, Signal's technology is used by Facebook for Secret Conversations, WhatsApp for encrypted messages, and Google's Allo. Confronted with the subpoena, Marlinspike went to the ACLU for legal counsel. The ACLU responded with a letter saying that even though Signal did not have data the FBI sought, it still strenuously objected (PDF) to the fact the FBI wanted so much information.

2 of 88 comments (clear)

  1. I thought this app was for privacy? by Anonymous Coward · · Score: 2, Informative

    It says it needs access to:

    Device & App History
    Identity
    Calendar
    Contacts
    Location
    SMS
    Phone
    Photos/Media/Files

    I have a hard time feeling private with all those permissions. I'm surprised it didn't ask for my blood type.

    I know pretty much everything "requires" access to everything these days. When your printer wants access to your contact list, something is wrong. This is a privacy app, why is it so intrusive?

    On their page, it even says "Using Signal, you can communicate instantly while avoiding SMS fees". So why does it want access to SMS?

    1. Re:I thought this app was for privacy? by heypete · · Score: 5, Informative

      It says it needs access to:

      Device & App History

      [snip]

      All the permissions Signal requires are explained here. They all make sense in context, and many can be disabled without affecting normal use (e.g. location, calendar, camera, etc.).

      To answer your question about SMS in particular, OWS says "Signal is capable of functioning as a complete replacement to your phone’s stock messaging application. In order to do this, it needs to be able to send and receive text messages (both SMS and MMS). You can also import your existing messages into Signal when it is first installed, and these permissions allow that database to be read as well."