Moving Sensitive Communications to Signal or WhatsApp

Moving Sensitive Communications to Secure Messaging

Email and workplace chat platforms like Slack are not designed for sensitive communications. While convenient for daily operations, they create permanent, searchable records that are vulnerable to subpoenas, breaches, and surveillance. This guide explains when and how to move sensitive conversations to encrypted messaging platforms, primarily Signal and WhatsApp.

Concerns about Email and Slack

Why Email is Insecure for Sensitive Communications

Fundamental Vulnerabilities:

Email travels between servers as plain text (encrypted "in transit" but viewable by Google, Microsoft, etc.)
Messages are stored permanently on multiple servers (from senders and receivers)
Subject lines are never encrypted
Easy target for subpoenas and legal discovery
Metadata (who, when, to whom) is always visible
NOTE: Even "secure" email from Proton isn't encrypted if the recipients are Google or Microsoft users

When Email is Acceptable:

Public communications (press releases, newsletters)
Routine coordination that isn't sensitive
Communications that you'd be comfortable being publicly disclosed

Why Slack/Teams Aren't Secure Channels

Critical Limitations:

No end-to-end encryption (providers can read all messages)
Complete message history stored on company servers (for paid accounts)
Administrator access to all conversations
Vulnerable to subpoenas, e-discovery, and data requests
Often mistaken as secure due to business/professional use
Compliance tools may monitor all activity

When Slack/Teams are Acceptable:

General team coordination
Project management discussions
Non-sensitive organizational communications
When transparency and searchability are priorities

Secure Messaging

What Makes Messaging Platforms Secure?

End-to-End Encryption (E2EE):

Messages encrypted on your device
Only the recipient can decrypt
Service provider cannot read message contents
Protection from server breaches and legal requests

Additional Security Features:

Disappearing messages (auto-delete after set time)
Screenshot notifications
Minimal metadata collection
Open source code (for verification)

Signal

Why Signal is Recommended

Technical Security:

End-to-end encryption by default for all communications
Trusted open source protocol audited by security researchers
Minimal metadata collection (phone numbers encrypted)
Disappearing messages for all conversations

Organizational Structure:

Operated by Signal Foundation, a nonprofit
U.S.-based but with strong privacy commitments
Limited data to provide in response to legal requests (no messaging data and almost no metadata)
Transparent about government requests (publishes reports)

Practical Features:

Voice and video calls (also encrypted)
Group messaging with admin controls
File sharing (encrypted)
Desktop applications available
Relatively simple to use -- feels like a "regular" chat app

When to Use Signal

High Priority Scenarios:

Campaign strategy discussions
Legal strategy or attorney communications
Confidential partner communications
Internal discussions about sensitive operations
Anything you wouldn't want leaked to opposition or adversaries
Communications involving vulnerable individuals
Financial or donor information discussions

Organizational Use Cases:

Executive team sensitive discussions
Board communications on confidential matters
Crisis response coordination
Incident response team communications
Legal compliance discussions
Sensitive conversation with external partners

Signal Best Practices

Setup and Configuration:

Enable Registration Lock: Prevents someone from registering Signal with your number
Set Disappearing Messages: Default to 1 week or 4 weeks for most conversations
Enable Screen Security: Blocks screenshots (on Android)
Use PIN: Protect account recovery with secure PIN

Operational Security:

Create dedicated Signal groups for specific sensitive projects
Name groups descriptively but not identifiably ("Project Alpha" not "Litigation Strategy")
Regularly review group membership
Use Signal for sensitive one-on-one check-ins
Turn on disappearing messages

Understanding WhatsApp's Security

What WhatsApp Does Well:

End-to-end encryption using Signal Protocol
Encrypted voice/video calls
Enormous, global existing user base (easier adoption)
Feature-rich (compared to Signal)
Disappearing messages available

Critical Limitations:

Owned by Meta (Facebook company)
Collects extensive metadata (who you talk to, when, how often)
Shares metadata with Meta for advertising/analytics
Cloud backups not end-to-end encrypted by default
Terms of service allow data sharing within Meta companies
Subject to Meta's broader surveillance advertising business

Metadata Risks:

Lower-Risk Scenarios (when it's ok to use WhatsApp):

Communications with international partners where WhatsApp is standard
Coordination that isn't highly sensitive but needs encryption
Communities where Signal adoption would be a major barrier
When the content is sensitive but metadata exposure is acceptable (it's ok to expose who you're talking to)

WhatsApp Risk Mitigation

If you must use WhatsApp:

Minimize Metadata Exposure:
- Don't use it for highly sensitive contacts
- Assume Meta knows you're communicating with this person
- Consider what communication patterns reveal
Secure Settings:
- Enable disappearing messages
- Disable read receipts
- Turn off automatic media download
- Disable cloud backups (or ensure they're encrypted)
- Enable two-step verification
- Advanced Chat Privacy: Admins can turn this on, users can't save media to their device or export chats
Behavioral Safeguards:
- Use for logistics, not strategy
- If possible, move highly sensitive conversations to Signal
- Don't use for communications involving vulnerable people
- Assume metadata is being collected and potentially shared