Privacy

im working on a proof-of-concept messaging app. it has a fairly unique architecture which i think makes it so ChatControl wouldnt affect it... but im not an expert in laws, so im sure im not asking the right questions. any guidance is appriciated.

to make things clear: my project is far from finished. its pretty experiemental, unstable and buggy. im not at a stage where i can say my app is watertight... but that is my general aim.

i think the code for my app is too complicated and not well documented for anyone to pick up and look at in their spare time, so i think its better i describe how it works (please reach out for clarity on any details i may miss!). i hope it can be used to determine how ChatControl can apply to my project.

• im working on a fully client-side messaging app. cryptography is done client-side using browser API's to generate encryption keys. messages are encrypted client-side and decrypted on the recieving client-side

• as a webapp i can avoid installation and registration so there are no databases with registered users that can be compromized. user ID's are cryptographically random. this allows allows profiles to be as ephemeral or persistent as the user wants.

• the app is using webrtc to exchange messages which are then stored on the recieving device client-side only. there is no database storing "pending" messages. if your peer is offline, you cannot send a message.

there are a lot of nuances to a p2p-only messaging app, but i hope that by reducing the amount of infrastructure, it can simplify e2ee.

i dont think its written well enough to be worth your time to do a deep dive into my code, but you can find it here: https://github.com/positive-intentions/chat

• Over 500 cryptography scientists and researchers have signed a joint letter against the EU's controversial child sexual abuse (CSAM) scanning proposal
• Experts warn that the Danish version of the text still fails to address concerns around encryption, indiscriminate surveillance, and accuracy
• EU Council members must share their final positions on the so-called Chat Control bill on September 12

The EU is planning to strike a deal with the US that would let the Department of Homeland Security and other agencies search European databases to identify people posing “a threat to US security,” according to a proposal published by the European Commission at the end of July.

SMH @ activists using techno-fascist platforms for communications during an operation subject to state-actor level interference. I thought we recognised and acknowledged this problem 15-20 years ago already.

https://xcancel.com/CraigMurrayOrg/status/1965431513320927706

Under pressure from Mark Zuckerberg and Sheryl Sandberg to monetize WhatsApp, he pushed back as Facebook questioned the encryption he'd helped build and laid the groundwork to show targeted ads and facilitate commercial messaging. Acton also walked away from Facebook a year before his final tranche of stock grants vested. "It was like, okay, well, you want to do these things I don"t want to do," Acton says. "It's better if I get out of your way. And I did." It was perhaps the most expensive moral stand in history. Acton took a screenshot of the stock price on his way out the door—the decision cost him $850 million.

Complaint.

Signal is launching its first paid feature: the ability to make secure, end-to-end encrypted backups of your media history older than 45 days and of your text message history for $1.99 per month.

“Media requires a lot of storage, and storing and transferring large amounts of data is expensive,” Signal’s VP of engineering, Jim O’Leary, says in a blog post. “As a nonprofit that refuses to collect or sell your data, Signal needs to cover those costs differently than other tech organizations that offer similar products but support themselves by selling ads and monetizing data.”

In the past, if you broke or lost your phone, your Signal message history was gone. This has been a challenge for people whose most important conversations happen on Signal. Think family photos, sweet messages, important documents, or anything else you don’t want to lose forever. This explains why the most common feature request has been backups; a way for people to get Signal messages back even if their phone is lost or damaged.

After careful design and development, we are now starting to roll out secure backups, an opt-in feature. This first phase is available in the latest beta release for Android. This will let us further test this feature in a limited setting, before it rolls out to iOS and Desktop in the near future.

Here, we’ll outline the basics of secure backups and provide a high-level overview about how they work and how we built a system that allows you to recover your Signal conversations while maintaining the highest bar for privacy and security.

Secure Backups 101

Secure backups let you save an archive of your Signal conversations in a privacy-preserving form, refreshed every day; giving you the ability to restore your chats even if you lose access to your phone. Signal’s secure backups are opt-in and, of course, end-to-end encrypted. So if you don’t want to create a secure backup archive of your Signal messages and media, you never have to use the feature.

If you do decide to opt in to secure backups, you’ll be able to securely back up all of your text messages and the last 45 days’ worth of media for free.

If you want to back up your media history beyond 45 days, as well as your message history, we also offer a paid subscription plan for US$1.99 per month.

This is the first time we’ve offered a paid feature. The reason we’re doing this is simple: media requires a lot of storage, and storing and transferring large amounts of data is expensive. As a nonprofit that refuses to collect or sell your data, Signal needs to cover those costs differently than other tech organizations that offer similar products but support themselves by selling ads and monetizing data.

Anatomy of Secure Backups: Privacy First, Always

At Signal, our commitment to privacy informs which features we build and the ways that we build them.

Using the same zero-knowledge technology that enables Signal groups to work without revealing intimate metadata, backup archives are stored without a direct link to a specific backup payment or Signal user account.

At the core of secure backups is a 64-character recovery key that is generated on your device. This key is yours and yours alone; it is never shared with Signal’s servers. Your recovery key is the only way to “unlock” your backup when you need to restore access to your messages. Losing it means losing access to your backup permanently, and Signal cannot help you recover it. You can generate a new key if you choose. We recommend storing this key securely (writing it down in a notebook or a secure password manager, for example).

These choices are part and parcel of Signal’s guiding mission to collect as close to no data as possible, and to make sure that any information that is required to make Signal robust and usable cannot be tied back to the people who depend on Signal. This is why wherever there’s a choice between security and any other objective, we’ve prioritized security.

Enabling Secure Backups

If you want to opt in to secure backups, you can do so from your Signal Settings menu. For now, only people running the latest beta version of Signal on Android will be able to opt in. But soon, we’ll be rolling this feature out across all platforms.

Once you’ve enabled secure backups, your device will automatically create a fresh secure backup archive every day, replacing the previous day’s archive. Only you can decrypt your backup archive, which will allow you to restore your message database (excluding view-once messages and messages scheduled to disappear within the next 24 hours). Because your secure backup archive is refreshed daily, anything you deleted in the past 24 hours, or any messages set to disappear are removed from the latest daily secure backup archive, as you intended.

Backing up, moving forward

We’re excited to introduce secure backups, making sure you can retain access to your Signal messages even when your phone is lost or destroyed. But secure backups aren’t the end of the road.

The technology that underpins this initial version of secure backups will also serve as the foundation for more secure backup options in the near future. Our future plans include letting you save a secure backup archive to the location of your choosing, alongside features that let you transfer your encrypted message history between Android, iOS, and Desktop devices.

Secure backups are available in today’s Android beta release. A full public release, along with iOS and Desktop support, is coming soon.

• Turkey has been blocking access to all main social media platforms since the evening of Sunday, September 7, 2025
• X, YouTube, Instagram, Facebook, TikTok, and WhatsApp have all been impacted, according to an internet watchdog
• Proton VPN has recorded a spike of over 500% on an hourly basis on the night of Sunday