“When you use Signal, your data is stored in encrypted form on your devices. The only information that is stored on the Signal servers for each account is the phone number you registered with, the date and time you joined the service, and the date you last logged on.”
This isn’t an ad, I wasn’t paid for this post. Just to clear the air: fuck facebook, fuck elon musk and twitter, fuck anyone who thinks this is a paid advertisement. I wish I was paid for this shit, I just wanted to spread the word. Thank you. 😀 👍
The GDPR applies to companies looking to utilise the software. So the church or any other entity bound by the GDPR cannot use the software due to it’s closed structure with servers in the US. This is absolutely a concern since business is conducted over messenge apps nowadays. I must’ve broken GDPR when communicating with my students about tutoring over WhatsApp. Our midwife must insist on threema with no alternatives. For the church this means they cannot communicate amongst themselves over Signal.
The site has a German audience in mind so the fact that the privacy policy not being accessible to non-English speakers is an obvious concern. I don’t understand how “well only few non English speakers use it” is an excuse.
And lastly the fact that Signal is the only CA means that they can use a machine- in-the-middle attack on their own users and there is no way to protect against it.
As I mentioned in my comment, it doesn’t - if the users verify each other’s “security number”.
The theory fails once it meets reality.
https://eprints.cs.univie.ac.at/4799/
All the other points stand as well.