Messaging apps are spying on you — Here’s how to stay safe in 2025
Social messaging apps tend to make major news headlines a few times per year for either their use in planning some sort of crime or, more routinely, for users’ privacy concerns over how companies like Meta — which owns WhatsApp, Instagram and Messenger — handle user data. In a somewhat separate event, the Trump administration became the focus of national discussion after members of US President Donald Trump’s cabinet were found to be using Signal to plan military actions in Yemen. While a hack, backdoor access or misuse of user data was not the source of criticism in this scenario, the event did raise national security concerns about Signal’s security and whether or not high-ranking government officials should be using messaging apps to discuss classified information. Apple’s recent decision to stop offering end-to-end encrypted (E2EE) cloud storage in the UK instead of creating a backdoor that would allow the UK government access to user data also raised eyebrows, and it highlights the ability of tech companies to make unilateral decisions about users’ data and their privacy. On Episode 58 of The Agenda podcast, hosts Ray Salmond and Jonathan DeYoung spoke to Sessions technical co-founder Kee Jefferys about how the decentralized, encrypted messaging app works to protect users’ privacy and data. Decentralize, or else the writing is on the wallBy downloading and using messaging apps, users, whether they realize it or not, often give the app and its operator permission to track their location, view their contacts and other data on their phone, and also keep records of their conversations.Even in instances where the app operator pledges not to do any of the above, if they process and keep user data on just one or two servers, the company itself is a risk of being compromised by hackers — and this presents a direct risk to users. Related:The case against Pavel Durov and why it's important for cryptoWhen asked whether Apple’s aforementioned decision to cease E2EE services rather than grant a government request backdoor access was an isolated event, Jeffreys said it likely was not. “I see countries moving more towards this ideology of pushing applications like backdoors for applications and arresting developers of open-source code,” he said. “I mean, obviously, we saw this with Durov, the founder of Telegram, being arrested in France. Even though he himself didn't do anything wrong, because Telegram was being used for malicious acts, the French government felt empowered to arrest the founder, even though all of the Telegram code is open source. So, that's really concerning from my perspective.” As mentioned earlier, malicious attacks also remain an ever-present threat to users and the companies that operate messaging apps. Jeffreys explained that Session messages are E2EE, the app does not require a mobile phone number to sign up, and the platform uses Onion routing to hide users’ IP addresses, and he said that blockchain is one of the most optimal solutions for decentralizing and hardcoding security to applications. Jeffreys said: “In Session, you don't reveal your IP address to the nodes that you store your messages on, and then it's decentralized as well. So it doesn't have a single central server where all of the messages are stored. It actually has this decentralized network of around 2,200 nodes, which kind of splits and stores your messages temporarily on the network. So from that perspective, like it's censorship-resistant, it hides a lot of metadata when you use the service, and it doesn't require these real-world identifiers when you sign up for Session.” When asked for some suggestions that normal people can take if they want to increase their privacy, Jefferys said that there are some very “simple steps [people] can take to protect themselves, mostly against hackers and corporate intrusion.” “Making sure that your social media footprint, like the things that you put out there publicly, are as clean as possible. So, like going through your old social media posts and removing things which are publicly accessible not only to train AI tools, but also to start forming these pictures about you, about what your interests are, what products do you like. Those are things that are publicly accessible. I would just remove as much as possible and be careful about what you're saying online and the digital footprint that you're creating as well.”To hear more from Jeffreys’ conversation with The Agenda — including his future vision for blockchain-based messaging apps — listen to the full episode on Cointelegraph’s Podcasts page, Apple Podcasts or Spotify. And don’t forget to check out Cointelegraph’s full lineup of other shows! Magazine: Did Telegram’s Pavel Durov commit a crime? Crypto lawyers weigh inThis article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not nec
Social messaging apps tend to make major news headlines a few times per year for either their use in planning some sort of crime or, more routinely, for users’ privacy concerns over how companies like Meta — which owns WhatsApp, Instagram and Messenger — handle user data.
In a somewhat separate event, the Trump administration became the focus of national discussion after members of US President Donald Trump’s cabinet were found to be using Signal to plan military actions in Yemen. While a hack, backdoor access or misuse of user data was not the source of criticism in this scenario, the event did raise national security concerns about Signal’s security and whether or not high-ranking government officials should be using messaging apps to discuss classified information.
Apple’s recent decision to stop offering end-to-end encrypted (E2EE) cloud storage in the UK instead of creating a backdoor that would allow the UK government access to user data also raised eyebrows, and it highlights the ability of tech companies to make unilateral decisions about users’ data and their privacy.
On Episode 58 of The Agenda podcast, hosts Ray Salmond and Jonathan DeYoung spoke to Sessions technical co-founder Kee Jefferys about how the decentralized, encrypted messaging app works to protect users’ privacy and data.
Decentralize, or else the writing is on the wall
By downloading and using messaging apps, users, whether they realize it or not, often give the app and its operator permission to track their location, view their contacts and other data on their phone, and also keep records of their conversations.
Even in instances where the app operator pledges not to do any of the above, if they process and keep user data on just one or two servers, the company itself is a risk of being compromised by hackers — and this presents a direct risk to users.
Related:The case against Pavel Durov and why it's important for crypto
When asked whether Apple’s aforementioned decision to cease E2EE services rather than grant a government request backdoor access was an isolated event, Jeffreys said it likely was not. “I see countries moving more towards this ideology of pushing applications like backdoors for applications and arresting developers of open-source code,” he said.
“I mean, obviously, we saw this with Durov, the founder of Telegram, being arrested in France. Even though he himself didn't do anything wrong, because Telegram was being used for malicious acts, the French government felt empowered to arrest the founder, even though all of the Telegram code is open source. So, that's really concerning from my perspective.”
As mentioned earlier, malicious attacks also remain an ever-present threat to users and the companies that operate messaging apps. Jeffreys explained that Session messages are E2EE, the app does not require a mobile phone number to sign up, and the platform uses Onion routing to hide users’ IP addresses, and he said that blockchain is one of the most optimal solutions for decentralizing and hardcoding security to applications.
Jeffreys said:
“In Session, you don't reveal your IP address to the nodes that you store your messages on, and then it's decentralized as well. So it doesn't have a single central server where all of the messages are stored. It actually has this decentralized network of around 2,200 nodes, which kind of splits and stores your messages temporarily on the network. So from that perspective, like it's censorship-resistant, it hides a lot of metadata when you use the service, and it doesn't require these real-world identifiers when you sign up for Session.”
When asked for some suggestions that normal people can take if they want to increase their privacy, Jefferys said that there are some very “simple steps [people] can take to protect themselves, mostly against hackers and corporate intrusion.”
“Making sure that your social media footprint, like the things that you put out there publicly, are as clean as possible. So, like going through your old social media posts and removing things which are publicly accessible not only to train AI tools, but also to start forming these pictures about you, about what your interests are, what products do you like. Those are things that are publicly accessible. I would just remove as much as possible and be careful about what you're saying online and the digital footprint that you're creating as well.”
To hear more from Jeffreys’ conversation with The Agenda — including his future vision for blockchain-based messaging apps — listen to the full episode on Cointelegraph’s Podcasts page, Apple Podcasts or Spotify. And don’t forget to check out Cointelegraph’s full lineup of other shows!
Magazine: Did Telegram’s Pavel Durov commit a crime? Crypto lawyers weigh in
This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.
