Signal, once the favored communication platform for security-minded diplomats, journalists, and activists across the EU, is facing a significant crisis of trust. Recent revelations have highlighted multiple breaches of its security, leading to concerns about the app’s reliability in safeguarding sensitive conversations.
Compromised Security
A Reuters investigation disclosed that Russian hackers successfully infiltrated Signal in Germany, with similar breaches reported in the Netherlands by Dutch intelligence. The situation escalated to the point where senior EU officials felt compelled to disband a Signal group due to fears of hacking, as reported by Politico.
The implications of these breaches extend beyond mere inconvenience. According to a European intelligence source, accessing someone’s Signal chat content on the dark web can cost between ,000 (€8,500) and ,000, depending on the target’s profile. In contrast, acquiring data from WhatsApp is relatively cheaper, ranging from ,000 to ,000.
Data Vulnerabilities
For those seeking personal information, the black market offers a disturbing array of options. A contact from a private-intelligence firm indicated that one could purchase individuals’ travel histories for as little as 0 to 0, particularly targeting those who have traveled to countries notorious for data leaks, such as Russia and Turkey.
In a collaborative investigation with Belgian and Prague-based media, EUobserver uncovered alarming details, including Russian diplomats’ medical records, banking information, and even dating site usernames. While similar data can be acquired in Western Europe, the costs are notably higher.
Moreover, the potential for tracking individuals has become alarmingly precise. If a person has downloaded certain applications, such as the once-popular ‘Candy Crush,’ their location could be updated to a cloud service, allowing for GPS-level tracking.
Surveillance Tactics
The landscape of surveillance extends beyond digital means. A notable case involved a Kazakh refugee in Brussels, who was subjected to high-definition surveillance through her windows by a British firm, alongside being followed by car and having her garbage intercepted.
A Belgian private detective remarked on the challenges posed by local laws, stating, “The law forbids almost everything we need to do in order to be effective, but everyone does it anyway.” This sentiment reflects a broader trend within the private-detective industry in Europe, where legal constraints often clash with operational realities.
State-Sponsored Intrusions
State actors have also employed sophisticated tools to target individuals. Israeli spyware, such as Pegasus, has been used to compromise the devices of journalists and other perceived adversaries of certain EU governments. This raises pressing questions about the feasibility of maintaining privacy in an age where digital surveillance is rampant.
As the challenges of secure communication mount, the prospect of offline interactions becomes increasingly appealing yet impractical for many. Unless one is prepared to invest heavily in encryption for specific communications, the prevailing assumption must be that online exchanges are vulnerable to compromise. In this era of digital panopticons, maintaining innocence may be the only viable defense against pervasive surveillance.
