Who's Listening?

Let me tell you what “encrypted” actually means, because the word gets used so loosely that it’s almost stopped meaning anything.

When you send a regular text message — an SMS — it travels from your phone to your carrier’s servers to the recipient’s carrier’s servers to their phone. At every point along that chain, the message is readable. Your phone carrier can see it. Anyone with access to the carrier’s infrastructure can see it. Law enforcement can request it with a court order, and carriers comply routinely. The message is transmitted, but it’s not protected. Think of it as a postcard — the postal service can read it at every stop along the way.

End-to-end encryption means the message is locked when it leaves your device and only unlocked when it arrives at the recipient’s device. Not at the server. Not at the company. Not at any intermediate point. The company running the app literally cannot read your message because they don’t have the key. If law enforcement serves them with a subpoena demanding your message content, the company can’t hand over what it doesn’t have.

That’s not a privacy preference. That’s an engineering decision with legal consequences. And the difference between apps that make this decision and apps that don’t is the difference between your communications being accessible to anyone with a court order — or in many cases, without one — and your communications being accessible only to you and the person you’re talking to.

Three apps. I’ll be direct about what each one does and doesn’t do.

Signal. This is the standard. It’s free, it’s a nonprofit, and its code is open-source — meaning anyone can inspect exactly how it works. Signal was built from the ground up to collect as little data as possible. When the US government has served Signal with subpoenas — and this has happened multiple times, the cases are public — Signal has produced exactly two data points: the date the account was created and the date it last connected to the service. That’s it. Not because they refused to cooperate. Because that’s all they have.

No message content. No contact lists. No group memberships. No profile information. No call records. The company publishes every government request they’ve received alongside their responses at signal.org/bigbrother. It makes for very short reading.

WhatsApp. This is where it gets complicated, because WhatsApp uses Signal’s encryption protocol for message content. Your messages are end-to-end encrypted. Meta, WhatsApp’s parent company, cannot read them. That part is real.

But Meta collects and retains everything around the messages. Who you talk to. When. How often. From which IP address — which reveals your location. Your phone number, your contacts, your group memberships, your profile photo, your about status. This is metadata, and metadata reveals more than most people realize. If someone knows you called a suicide hotline at 2am, they don’t need to know what you said. If someone knows an organizer messaged forty people the night before a protest, they don’t need to read the messages to understand what’s happening.

Meta complied with roughly 77% of US government data requests in the most recent reporting period. That compliance involves metadata — and metadata is what ties your communications to your identity, your location, your relationships, and your patterns.

iMessage. Apple’s messaging is encrypted between Apple devices — the blue bubbles. But when you text someone on Android, iMessage falls back to SMS or RCS, and depending on the configuration, that traffic may not be end-to-end encrypted. If you’re in an all-Apple household, iMessage is reasonable for most threat models. If you’re not — and you often don’t know whether the person on the other end has the same setup you do — you can’t count on it.

Apple also stores iCloud backups by default, which can include your message history. If your iCloud backup isn’t using Advanced Data Protection — and most people haven’t turned that on — Apple can access your backed-up messages when served with a warrant. The encryption exists between devices but may not extend to the copy sitting on Apple’s servers.

---

The distinction I need you to hold onto isn’t about any one app. It’s about the difference between content and metadata.

Content is what you said. Metadata is everything else — who you talked to, when, how long, from where, how often. The US government’s position, established in practice and upheld by its intelligence agencies for decades, is that metadata collection is less invasive than content collection and therefore subject to weaker legal protections. This is the position that allowed the NSA’s bulk phone records collection program that Edward Snowden revealed in 2013.

But General Michael Hayden, who led both the NSA and the CIA, said this publicly: “We kill people based on metadata.”

He wasn’t being provocative. He was describing how intelligence operations work. Metadata patterns — communication networks, location data, contact frequency — are what targeting decisions are built on. The content of a message is useful for prosecution. The metadata is useful for identification.

This matters for your threat model. If your concern is the content of specific messages, end-to-end encryption addresses it — even WhatsApp works for that. If your concern is that the pattern of your communications reveals information about you — who you know, what you’re involved in, how you’re organized — then the metadata question is what matters. And for metadata, Signal is the only mainstream option that collects effectively nothing.

---

Four things. All today.

Install Signal. It’s free, available on both platforms, takes two minutes.

Move one important conversation there. Not everything — one. A family group chat. A close friend. A partner. The people whose communications matter most to you. This is the hardest part, because it requires someone else to install it too. I know. Start with one person and work outward.

If people push back — and some will — here’s what works: don’t lead with surveillance or privacy. Lead with “it’s a better app.” The group chats are cleaner. The call quality is good. It doesn’t show ads. For most people, that’s a more persuasive reason to switch than anything about encryption. You can explain the security later, after they’re already using it.

Enable disappearing messages. Open a Signal conversation, tap the contact name at the top, set disappearing messages to one week. This means messages automatically delete after seven days. It’s not about hiding anything — it’s about reducing the amount of data that exists if a device is ever compromised. Good security practice is reducing what’s available, not just protecting what’s there.

Enable Registration Lock. In Signal, go to Settings → Account → Registration Lock. This prevents anyone from re-registering your Signal account on another device using your phone number — which is the Signal equivalent of SIM-swapping. It takes ten seconds.

Write in your field journal: who you moved to Signal, what resistance you encountered, what arguments worked. That last part matters more than you think — you’re going to need those persuasion skills again.

---

Over a thousand people were identified after January 6, 2021, through a convergence of digital evidence. Facial recognition. Geofence warrants. Cell tower records. Citizen investigators who built databases from publicly posted footage. But the simplest vector — the one that required the least technical sophistication to exploit — was that people communicated in the open.

They posted on Facebook. They texted plans in unencrypted SMS. They live-streamed from inside the building. They took selfies and posted them with location tags. They messaged each other on platforms that logged every message, every contact, every group. When the subpoenas arrived, the platforms handed over everything, because everything was there to hand over.

The structural lesson is the same regardless of your politics: the people who were identified most quickly communicated as if no one was watching. The people who were identified more slowly — or not at all — practiced basic communications discipline. Encrypted messaging. No social media posts. No selfies. No live-streams.

Whatever your threat model says about who might access your communications and why — the technical response is the same. Encrypt the content. Minimize the metadata. Reduce what exists.

Your communications are now harder to read and harder to trace. That covers the digital channels between you and other people.

But it doesn’t cover everything. Signal can’t help you if your phone is broadcasting your location to a fake cell tower inside a briefcase. I’ll explain that in the next chapter.

---