If it’s does such service exist?
Mostly asking for eu laws but anything would be interesting.
Chat logs, Call logs, email, username and phonenumber
As far as I understand as long as the service doesn’t store this information themselves it is allowed. If so can’t most of it be stored locally?
Many companies opt to give data to governments voluntarily, but either way none can deny a request sent by a court. So yes, the government will get all the data the companies have if they can prove their need in court (very low bar mind you).
Phone companies have direct link to governments. They might need to overcome some evidence hurdle if they want to use that data in court, but assume they know everything. VPNs might be worth looking.
Don’t use email to anything that requires anonymity or security. You can use services like SimpleLogin or Addy.io to hide your true email from big tech / data brokers / breach databases, but probably not the government.
For private communication, maybe SimpleX is your best option. No data required to open an account and no notifications sent through Google/Apple.
Signal requires a phone number and Matrix/Element requires an email. Sure you can use temp numbers and email, but that’s added potential points of failure. And I think both will use Google/Apple infrastructure for notifications. They might encrypt the contents, but the government can still have the timestamps on your messages. Unless both parties have custom Android OS without Play Services.
If you have a specific need, I’d go with SimpleX. If it’s for general avoidance of surveillance, I’d go with Signal, it’s more mainstream and it’s hard enough already to get people to use anything other than WhatsApp/iMessage.
Check The Best Privacy Tools, Services, and Ad-Free Recommendations - Privacy Guides
Thank you for the suggestion.
But you seem to suggest that best you can get is not being able to get traced to a person. The actual conversation itself cannot be hidden?
My other concern is, that you’d not be able to share these messaging accounts unless in person.
I’m not sure about matrix requiring an email address , i guess it depends on the homeserver you sign up with
“Once again, Signal doesn’t have access to your messages; your calls; your chat list; your files and attachments; your stories; your groups; your contacts; your stickers; your profile name or avatar; your reactions; or even the animated GIFs you search for – and it’s impossible to turn over any data that we never had access to in the first place.”
What data does signal provide in case of a goverment request then?
Thank you. That this level of privacy is possible is awesome.
Can you use something else than google notifications, without installing a costum rom and a device that is not rooted?
Found this thread:
Doing what Signal or other applications are doing is not enough.
The backend server should be sending decoy notification traffic to throw off threat actors observing traffic on the wire and then using timestamps to correlate conversations.
Google/Apple should also be sending decoy notifications to help mitigate this issue, but at the end of the day, it will still be a mitigation and not a real solution.
While this is not relevant for the absolute majority of people, it’s relevant to highly targeted individuals to whom Signal and other similar apps are recommended to keep them safe.
That doesn’t seem right to me. Are you sure about that? Do their servers keep a log of notifications? Signal doesn’t, I don’t why they would.
That’s why they get it from Google and Apple, not from Signal. Take a look at this:
Of course it’s different if SimpleX servers get NSA hacked.
I don’t actually think we’re disagreeing here. You’re saying that their servers are not safe from being compromised (well, nothing is, so…) and they currently have low safeguards to protect against compromised community servers, which users don’t use unless they manually add the anyway.
But baseline (hacking aside) is still no, SimpleX doesn’t keep logs and LE won’t get your logs by asking them for your data.
Is this wrong?