The fight for freedom today is about access control and personal data. Encrypted messaging is a simple improvement anyone can make. Here are my top choices for private messaging. I’ll go into why I chose these particular apps and protocols a little further down.
Signal
Signal was chosen as the best overall practical option.
This is a great option for talking to friends and family, people who would already have your phone number. It’s like WhatsApp without the zuck. The UI is easy, it does group video calls, it’s end-to-end encrypted and there’s a healthy user base. It’s my overall top recommendation for anyone looking for privacy in messaging.
Jami
Jami was chosen for best communication technology.
This is my personal favourite although it isn’t as popular as Signal. Where you need a phone number to use Signal, Jami does groups, text, talk, and video without requiring any personal info at all. There’s no weird mobile-coin stuff or a dependency on a centralized server. Instead it features a completely peer-to-peer architecture and uses Ethereum to handle unique usernames. If the developers and their servers disappeared tomorrow the network would still live on. If you use Jami through a trustworthy VPN (or similar) it’s the best current option in terms of privacy and features. Also it’s made in Montreal! 😁
Matrix
Matrix was chosen for its interoperability (protocol consolidation).
Matrix is basically the new email but much more powerful. From a privacy perspective, it’s not as good as Signal or Jami because it complicates the threat model. The added difficulty comes from having to track the varying degrees of privacy in each conversation. Relative to email, however, it’s a definite upgrade and makes a great public-facing option.
Like email, Matrix is a federated system and supports both encrypted and non-encrypted conversations, Discord-style rooms, VoIP and more. The other huge feature is interoperability. It has bridges which allow users to communicate with other platforms such as Slack, Discord, Facebook Messenger, Instagram, WhatsApp, IRC, email itself… the list is long. While bridging capabilities depend on the home server, Matrix is the first honest attempt at this level of interoperability. It seems to me to be a critical technology in the transition toward a privacy-respecting internet.
Because Matrix is federated there are several client and server implementations of the standard. This is like how you can use email through Gmail or Hotmail and you can use the Gmail app, Outlook, or Thunderbird. But it’s still all email. Likewise you can use Matrix through FluffyChat or Nheko and have your account with matrix.org or some other home server. But it’s still all Matrix. Element is the most popular Matrix app.
App Selection Process
There are many factors to consider in a world that is hostile to user privacy at pretty much every level.
Verifiable end-to-end encryption is the bare minimum protection, which makes open source a prerequisite for my list.
Metadata, network usage, and identity should be protected as well. There isn’t really anything fool-proof we can do here due to the way the internet was originally built. Proxies, darknets, and minimal personal information for signing up are all ways of dealing with this trickier class of private data.
Don’t underestimate the value of ease of use and low barriers to entry. Desirable functionality, a dead simple UI, and multi-platform support are prerequisites for widespread adoption. A communication standard or application without users is not much use at all.
On a similar note, social network effects are the most difficult hurdle to overcome. How is it no-one likes Facebook, but everyone still uses it? People use a platform because their contacts use it and the platform owners neglect or refuse to implement interoperability with alternatives. Interoperability technologies are exactly the answer in these cases.
If I didn’t include your favourite messaging app, it’s probably because it lost out on one or more of these aspects to the ones I chose. For instance, I think IRC, XMPP, and Session are too limited in terms of features for what most people expect out of a social app. Although they are less vulnerable than Matrix in terms of metadata, I don’t see them gaining traction, whilst Matrix can always be improved and in the meantime encrypted messaging becomes normalized.
If you find that you have greater demands on what you’re looking for in a messaging app consider taking a look at this resource which compares messaging apps.
Other Apps and Looking Ahead
Messaging protocols are something that will continuously evolve over time. There’s no avoiding it. There will likely be many changes in how people talk to each other, express themselves, and do business online.
Briar
It implements onion routing and can also communicate over Bluetooth without internet. Both parties must be online for the message to get across and it’s text only. Use this if you’re a journalist at risk or you’re in a war zone. This is the trusted app for the most demanding threat models.
Berty
This is a true Web3 messaging app in that it uses a fully decentralized and private protocol stack making use of Tor and IPFS. It also allows messages to be sent directly over Bluetooth. Berty is still under development and it’ll be a while until the technology matures. But it’s shaping up to be a solid upgrade to Briar.
EU Digital Markets Act
The European Union has introduced legislation requiring interoperability for “number-independent interpersonal communication services” (NIICS). You’ll know them as popular messaging and video-chat platforms like iMessage, Facebook Messenger, and Google Messages.
It is possible for this interoperability to be achieved while preserving end-to-end encryption. However, there is a significant technical challenge. Given many governments’ hostility toward individual privacy, encryption may take a back seat as a priority.
SimpleX
This is the new kid on the block and seems to be a pretty powerful privacy tool. I haven’t gotten the chance to take a closer look at the details. But from what I gather they have the right idea about how to handle identity. I think ideally this sort of thing would be built on top of larger infrastructure instead of reinventing the wheel with respect to ingoing and outgoing tunnels/proxies.
Additional Resource
I like the clean and extensive table they’ve put together.