Because everything in Signal is end-to-end encrypted by default, the broad set of personal information that is typically easy to retrieve in other apps simply doesn’t exist on Signal’s servers.
Tl;dr: Signal gave the court timestamps for three out of nine phone numbers that the court demanded data on. The timestamps were the dates three phone numbers last registered their accounts with Signal. That’s it. That is all the data there was to give.
This is why I use Signal. This is why I donate monthly to Signal.
Well, i’m not fluent in legalese, but isn’t the search order also exclusively asking for those two datapoints and nothing more?
They’re not asking for message timestamps e.g. or other metadata.
Maybe the court already knew that Signal doesn’t have any data to hand over beyond the registration dates?
That seems likely the case based off the series of previous warrants & subpoenas where they kept having to explain that they didn’t have any of that other shit to give.
That is not what I’m trying, no. Sorry if it came across like that.
My point is, that this isn’t an effective proof of a zero knowledge approach. In their blogpost, Signal says they don’t store anything, but this specific instance of a search warrant doesn’t serve to prove that.
It is great of them that they publish when and what they are asked to disclose, that practice is definitly appreciated. I do trust Signal, it is my main messenger.
This is just not the stresstest @Fuzzy_Red_Panda@lemm.ee makes it out to be in the top comment, imo.
Tl;dr: Signal gave the court timestamps for three out of nine phone numbers that the court demanded data on. The timestamps were the dates three phone numbers last registered their accounts with Signal. That’s it. That is all the data there was to give.
This is why I use Signal. This is why I donate monthly to Signal.
Well, i’m not fluent in legalese, but isn’t the search order also exclusively asking for those two datapoints and nothing more? They’re not asking for message timestamps e.g. or other metadata.
Good catch. It does look like that. Maybe the court already knew that Signal doesn’t have any data to hand over beyond the registration dates?
That seems likely the case based off the series of previous warrants & subpoenas where they kept having to explain that they didn’t have any of that other shit to give.
Are you trying to turn this into “So, they got exactly what they wanted! Signal cooperated and are thus not secure!”?
That is not what I’m trying, no. Sorry if it came across like that.
My point is, that this isn’t an effective proof of a zero knowledge approach. In their blogpost, Signal says they don’t store anything, but this specific instance of a search warrant doesn’t serve to prove that.
It is great of them that they publish when and what they are asked to disclose, that practice is definitly appreciated. I do trust Signal, it is my main messenger.
This is just not the stresstest @Fuzzy_Red_Panda@lemm.ee makes it out to be in the top comment, imo.
Battle tested privacy services <3