In a significant development for the world of secure messaging, Meredith Whittaker, Chair of Signal, defended the app's privacy protocols after a recent incident involving U.S. officials mistakenly adding a journalist to a chat discussing military actions in Yemen. This error raised concerns about national security, as it occurred during sensitive discussions among top government officials.
On March 13, 2025, a U.S. official inadvertently included Jeffrey Goldberg, a journalist from The Atlantic, in a group chat labeled 'Houthi PC small group.' This group comprised high-ranking officials, including Vice President JD Vance and Secretary of Defense Pete Hegseth, who were deliberating on an imminent military operation against Houthi forces in Yemen. The operation was scheduled for just two days later.
While Whittaker did not directly address the incident, she emphasized the robust privacy features of Signal in a post on social media platform X, calling it the "gold standard in private communication." She highlighted the app's open-source nature and its commitment to end-to-end encryption (E2EE), which protects both metadata and message content. "We are open-source, nonprofit. We develop and implement E2EE technology and privacy protections across the board to safeguard metadata and message content," Whittaker stated.
Signal has gained traction in both Europe and the U.S. as a preferred alternative to WhatsApp, primarily due to its minimal data collection practices. Data from market analytics firm Sensor Tower revealed that Signal's downloads in the U.S. surged by 16% in the first quarter of 2025 compared to the fourth quarter of 2024, and by 25% compared to the same quarter in 2024.
In a February interview with the Dutch newspaper De Telegraaf, Whittaker argued that Signal is a more secure option than WhatsApp, which collects metadata that can reveal user communication patterns. "When forced to provide data, like all data-collecting companies from the get-go, WhatsApp will hand over this vital and sensitive information," she explained.
In response to the incident, a WhatsApp spokesperson stated that the app relies on metadata to prevent spam and maintain service safety against abuse. "We do not log who messages or calls whom, and we do not track users' personal message content for advertising purposes," the spokesperson asserted.
Following the chat incident, Moxie Marlinspike, founder of Signal, took to X to mock the situation, suggesting that the app now has a feature allowing the Vice President of the United States to randomly invite individuals into sensitive military coordination chats. "There are many great reasons to use Signal. Now the app even has a feature allowing the Vice President to randomly invite you into a chat group to coordinate sensitive military activities. Don't miss this opportunity!" he quipped.
Marlinspike, born in Georgia in 1980, previously served as the head of security for Twitter (now X) and is the creator of the Signal Protocol, which is utilized by several messaging platforms, including Signal, WhatsApp, Google Messages, and Facebook Messenger. The Signal Protocol is a robust end-to-end encryption protocol developed by Open Whisper Systems, designed to secure privacy and security in electronic communications, particularly in messaging and calling.
Key features of the Signal Protocol include:
- End-to-End Encryption: Only the sender and recipient can read the message content, ensuring that service providers cannot access the messages.
- Advanced Encryption Mechanisms: It employs modern encryption algorithms such as the Double Ratchet Algorithm, Curve25519, AES-256, and HMAC-SHA256 to ensure security.
- Automatic Key Rotation: After each message, a new encryption key is generated to minimize the risk of attacks.
- Open Source: The protocol is open-source, allowing security experts to audit and verify its safety.
The Signal Protocol is not only integral to Signal Messenger but has also been integrated into various popular messaging applications, ensuring that users' messages and calls are protected from eavesdropping, surveillance, or cyberattacks.
Signal itself is a secure messaging service that employs end-to-end encryption, meaning that service providers cannot access or read users' private conversations and calls. This ensures user privacy is upheld. The software is available across multiple platforms, including smartphones and computers, enabling messaging, voice, and video calls. To register and create an account, users need a phone number. Unlike other messaging apps, Signal does not track or store user data. Its code is publicly available, allowing security experts to examine its functionality and ensure safety.
The only data Signal retains on its servers are users' phone numbers, the date they joined the service, and their last login information. Contacts, conversations, and other communication details are stored on users' smartphones, with options to automatically delete messages after a certain period. The company does not use advertising or affiliate marketers and does not track user data, according to its website.
Signal also allows users to hide their phone numbers from others and use a secondary secure number to verify message authenticity. The app does not utilize encryption systems from the U.S. government or any other government and is not hosted on government servers. It has become popular among privacy advocates and political activists, initially gaining traction among dissidents before becoming a communication tool for journalists and media outlets. Eventually, Signal has been adopted by governmental agencies and organizations as well.
In 2021, Signal experienced significant growth following WhatsApp's controversial privacy policy changes, which raised concerns about user data sharing with Facebook and Instagram. Reuters listed Signal as one of the tools whistleblowers can use to share confidential news with their journalists, while noting that "no system is 100% secure." According to Signal's community forum, the app is also used by the European Commission. In 2017, the U.S. Senate's Office of Legislative Management approved the use of Signal for Senate staff.
Signal was founded in 2012 by Moxie Marlinspike. In February 2018, Marlinspike and Brian Acton (co-founder of WhatsApp) established the Signal Foundation, a nonprofit organization overseeing the app. Acton initially invested $50 million in the foundation after leaving WhatsApp in 2017 over disagreements regarding customer data usage and advertising. Signal is not owned by any major tech corporation and asserts on its website that it will never be acquired.
