In a recent development, a notable incident involving The Atlantic’s editor-in-chief unfolded within a Signal chat among senior officials from the Trump administration, centered around discussions of military actions in Yemen. The choice of Signal as the communication platform raises an intriguing question: why opt for Signal over more commonly used messaging applications like WhatsApp?
Security Features of Signal
The answer lies in Signal’s robust security framework, which has made it a preferred choice for sensitive discussions, particularly those involving national security. Signal employs end-to-end encryption, a method that ensures only the intended sender and recipient can access the content of their messages. This is achieved through a unique encryption ‘key’; without this key, access is denied.
This level of security means that no intermediary, including service providers or even Signal itself, can intercept or read the messages exchanged. Signal has also pioneered an open-source encryption approach known as the Signal Protocol. According to the Open Source Initiative (OSI), encryption is most secure when it is built upon open-source algorithms, allowing for public scrutiny and verification of its security measures.
As Meredith Whittaker, Signal’s president, pointed out in a recent interview, employing strong encryption is crucial for national security. The absence of such measures can leave individuals and critical infrastructure exposed to significant risks.
While WhatsApp adopted end-to-end encryption in 2016, it did so using a closed-source model, meaning that users must place their trust in the platform’s security without visibility into its inner workings. In contrast, Telegram, another popular messaging alternative, does not utilize end-to-end encryption, leaving its messages vulnerable to interception by third parties.
Signal distinguishes itself further by operating as an independent non-profit organization in the United States, free from the influence of major tech corporations. In contrast, WhatsApp has been a part of Meta, the parent company of Facebook, since 2014.
Institutional Adoption of Signal
Signal’s enhanced security features have led to its growing popularity within political circles, particularly in Brussels. Both the European Commission and Parliament have recommended the app for use when staff members are unable to access secure communication tools that the institutions are already funding.
In an internal communication to parliamentary staff earlier this year, it was noted that Signal was the preferred messaging solution when corporate communication tools were unavailable. The Parliament currently relies on Microsoft Teams and Jabber, a messaging service provided by Cisco, for official communications.
The guidelines highlighted an “increase in threat to the commercial telecommunications infrastructure” and referenced several recent incidents targeting major U.S. telecom companies. One notable example is the “Salt Typhoon” attacks, where Chinese hackers exploited vulnerabilities in U.S. telecom systems to access sensitive information, including data related to Donald Trump.
Similarly, the European Commission confirmed its recommendation of Signal as a “safe alternative” when no equivalent corporate tool is accessible, although it emphasized that there is “no obligation” to use the app.
Ultimately, the recent leak of U.S. national defense plans was not attributable to any flaw in Signal’s encryption. Instead, it was a result of human error within Trump’s inner circle. Thus, while the choice of application was sound, the participants in the conversation were not.
