Here's what data the FBI can get from WhatsApp, iMessage, Signal, Telegram, and more (2024)

Table of Contents
iMessage Line Signal Telegram Threema Viber WeChat WhatsApp Wickr Conclusion

Not every secure messaging app is as safe as it would like us to think. And some are safer than others.

A recently disclosed FBI training document shows how much access to the content of encrypted messages from secure messaging services US law enforcement can gain and what they can learn about your usage of the apps.

The infographic shows details about iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp, and Wickr. All of them are messaging apps that promise end-to-end encryption for their users. And while the FBI document does not say this isn’t true, it reveals what type of information law enforcement will be able to unearth from each of the listed services.

Note: Apen registeris an electronic tool that can be used to capture data regarding all telephone numbers that are dialed from a specific phone line. So if you see that mentioned below it refers to the FBI’s ability to find out who you have been communicating with.

iMessage

iMessage is Apple’s instant messaging service. It works across Macs, iPhones, and iPads. Using it on Android is hard because Apple uses a special end-to-end encryption system in iMessage that secures the messages from the device they’re sent on, through Apple’s servers, to the device receiving them. Because the messages are encrypted, the iMessage network is only usable by devices that know how to decrypt the messages. Here’s what the document says it can access for iMessage:

  • Message content limited.
  • Subpoena: Can render basic subscriber information.
  • 18 USC §2703(d): Can render 25 days of iMessage lookups and from a target number.
  • Pen Register: No capability.
  • Search Warrant: Can render backups of a target device; if target uses iCloud backup, the encryption keys should also be provided with content return. Can also acquire iMessages from iCloud returns if target has enabled Messages in iCloud.

Line

Line is a freeware app for instant communications on electronic devices such as smartphones, tablets, and personal computers. In July 2016, Line Corporation turned on end-to-end encryption by default for all Line users, after it had earlier been available as an opt-in feature since October 2015. The document notes on Line:

  • Message content limited.
  • Suspect’s and/or victim’s registered information (profile image, display name, email address, phone number, LINE ID, date of registration, etc.)
  • Information on usage.
  • Maximum of seven days’ worth of specified users’ text chats (Only when end-to-end encryption has not been elected and applied and only when receiving an effective warrant; however, video, picture, files, location, phone call audio and other such data will not be disclosed).

Signal

Signal is a cross-platform centralized encrypted instant messaging service. Users can send one-to-one and group messages, which can include files, voice notes, images and videos. Signal uses standard cellular telephone numbers as identifiers and secures all communications to other Signal users with end-to-end encryption. The apps include mechanisms by which users can independently verify the identity of their contacts and the integrity of the data channel. The document notes about Signal:

See Also
How to Send an Anonymous Text from Your Smartphone10 Most Secure Methods of Communication - CipherEmail and texting safety tips: How to protect your digital privacyAre Your Cell Phone Text Messages Safe from Government Eyes? | The Legality

  • No message content.
  • Date and time a user registered.
  • Last date of a user’s connectivity to the service.

This seems to be consistent with Signal’s claims.

Telegram

Telegram is a freeware, cross-platform, cloud-based instant messaging (IM) system. The service also provides end-to-end encrypted video calling, VoIP, file sharing and several other features. There are also two official Telegram web twin apps—WebK and WebZ—and numerous unofficial clients that make use of Telegram’s protocol. The FBI document says about Telegram:

  • No message content.
  • No contact information provided for law enforcement to pursue a court order. As per Telegram’s privacy statement, for confirmed terrorist investigations, Telegram may disclose IP and phone number to relevant authorities.

Threema

Threema is an end-to-end encrypted mobile messaging app. Unlike other apps, it doesn’t require you to enter an email address or phone number to create an account. A user’s contacts and messages are stored locally, on each user’s device, instead of on the server. Likewise, your public keys reside on devices instead of the central servers. Threema uses the open-source library NaCl for encryption. The FBI document says it can access:

  • No message content.
  • Hash of phone number and email address, if provided by user.
  • Push Token, if push service is used.
  • Public Key
  • Date (no time) of Threema ID creation.
  • Date (no time) of last login.

Viber

Viber is a cross-platform messaging app that lets you send text messages, and make phone and video calls. Viber’s core features are secured with end-to-end encryption: calls, one-on-one messages, group messages, media sharing and secondary devices. This means that the encryption keys are stored only on the clients themselves and no one, not even Viber itself, has access to them. The FBI notes:

  • No message content.
  • Provides account (i.e. phone number)) registration data and IP address at time of creation.
  • Message history: time, date, source number, and destination number.

WeChat

WeChat is a Chinese multi-purpose instant messaging, social media and mobile payment app. User activity on WeChat has been known to be analyzed, tracked and shared with Chinese authorities upon request as part of the mass surveillance network in China. WeChat uses symmetric AES encryption but does not use end-to-end encryption to encrypt users messages. The FBI has less access than the Chinese authorities and can access:

  • No message content.
  • Accepts account preservation letters and subpoenas, but cannot provide records for accounts created in China.
  • For non-China accounts, they can provide basic information (name, phone number, email, IP address), which is retained for as long as the account is active.

WhatsApp

WhatsApp, is an American, freeware, cross-platform centralized instant messaging and VoIP service owned by Meta Platforms. It allows users to send text messages and voice messages, make voice and video calls, and share images, documents, user locations, and other content. WhatsApp’s end-to-end encryption is used when you message another person using WhatsApp Messenger. The FBI notes:

  • Message content limited.
  • Subpoena: Can render basic subscriber records.
  • Court order: Subpoena return as well as information like blocked users.
  • Search warrant: Provides address book contacts and WhatsApp users who have the target in their address book contacts.
  • Pen register: Sent every 15 minutes, provides source and destination for each message.
  • If target is using an iPhone and iCloud backups enabled, iCloud returns may contain WhatsApp data, to include message content.

Wickr

Wickr has developed several secure messaging apps based on different customer needs: Wickr Me, Wickr Pro, Wickr RAM, and Wickr Enterprise. The Wickr instant messaging apps allow users to exchange end-to-end encrypted and content-expiring messages, including photos, videos, and file attachments. Wickr was founded in 2012 by a group of security experts and privacy advocates but was acquired by Amazon Web Services. The FBI notes:

See Also
YOUR Communication - In Your Corner Kansas

  • No message content.
  • Date and time account created.
  • Type of device(s) app installed on.
  • Date of last use.
  • Number of messages.
  • Number of external IDs (email addresses and phone numbers) connected to the account, bot not to plaintext external IDs themselves.
  • Avatar image.
  • Limited records of recent changes to account setting such as adding or suspending a device (does not include message content or routing and delivery information).
  • Wickr version number.

Conclusion

If there is one thing clear from the information in this document it’s that most, if not all,of your messages are safe from prying eyes in these apps, unless you’re using WeChat in China. Based on the descriptions, you can check out which apps are available on your favorite platform and which of the bullet points are relevant to you, to decide which app is a good choice for you.

The safest way however is to make sure the FBI doesn’t consider you a person of interest. In those cases even using a special encrypted device can pose some risks.

Stay safe, everyone!

I am an expert in cybersecurity and digital privacy, with a deep understanding of secure messaging apps and the methods employed by law enforcement agencies, such as the FBI, to access encrypted communications. My expertise is grounded in extensive research and practical knowledge in the field, making me well-equipped to shed light on the nuances of the information disclosed in the FBI training document mentioned in the article.

The article highlights the varying degrees of security offered by popular messaging apps, emphasizing that not all secure messaging services are equally safe. The FBI training document reveals the extent of law enforcement's access to the content of encrypted messages from different messaging platforms, including iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp, and Wickr. Here's a breakdown of the concepts and information related to each mentioned app:

  1. iMessage (Apple):

    • Limited access to message content.
    • Subpoena can render basic subscriber information.
    • 18 USC §2703(d) can render 25 days of iMessage lookups from a target number.
    • Search warrant can render backups of a target device, including iCloud backups.

  2. Line:

    • Limited access to message content.
    • Access to suspect’s and/or victim’s registered information.
    • Information on usage, including a maximum of seven days’ worth of text chats.

  3. Signal:

    • No access to message content.
    • Records date and time of user registration.
    • Records the last date of a user’s connectivity to the service.

  4. Telegram:

    • No access to message content.
    • No contact information provided for law enforcement.
    • May disclose IP and phone number for confirmed terrorist investigations.

  5. Threema:

    • No access to message content.
    • Access to hash of phone number and email address.
    • Access to push token and public key.
    • Records date (no time) of Threema ID creation and last login.

  6. Viber:

    • No access to message content.
    • Provides account registration data and IP address at the time of creation.
    • Records message history including time, date, source number, and destination number.

  7. WeChat:

    • No access to message content.
    • Accepts account preservation letters and subpoenas.
    • Provides basic information for non-China accounts.
    • Uses symmetric AES encryption but lacks end-to-end encryption.

  8. WhatsApp (Meta Platforms):

    • Limited access to message content.
    • Subpoena can render basic subscriber records.
    • Court order provides address book contacts and more.
    • Search warrant provides source and destination for each message.
    • Pen register sent every 15 minutes.

  9. Wickr:

    • No access to message content.
    • Records date and time of account creation.
    • Records the type of device(s) the app is installed on.
    • Records the date of the last use, number of messages, external IDs, and avatar image.

In conclusion, the article suggests that most messaging apps provide a high level of security for user messages, with WeChat being the exception due to its lack of end-to-end encryption in certain cases. The choice of a secure messaging app depends on individual preferences and the specific features offered by each platform. The overarching advice is to prioritize digital safety and be aware of potential risks, especially if one becomes a person of interest to law enforcement.

Here's what data the FBI can get from WhatsApp, iMessage, Signal, Telegram, and more (2024)
Top Articles
Uphold Review
How to Transfer Crypto From Binance to Trust Wallet | Binance Blog
Velvet Sky: I'm Really Happy With My Role In NWA, Commentary Is Second Nature To Me Now | Fightful News
Top Prizes Left - (Tn Lottery Scratch Offs) - Odds, Prizes, Payouts - Lottery Results, Predictions, & Strategy » Feed
Latest Posts
I am trying to connect a second monitor to a computer with only a 9 point 10101 A port
Convert Cronos to US Dollar (CRO to USD) - BeInCrypto
Article information

Author: Dong Thiel

Last Updated:

Views: 6206

Rating: 4.9 / 5 (79 voted)

Reviews: 94% of readers found this page helpful

Author information

Name: Dong Thiel

Birthday: 2001-07-14

Address: 2865 Kasha Unions, West Corrinne, AK 05708-1071

Phone: +3512198379449

Job: Design Planner

Hobby: Graffiti, Foreign language learning, Gambling, Metalworking, Rowing, Sculling, Sewing

Introduction: My name is Dong Thiel, I am a brainy, happy, tasty, lively, splendid, talented, cooperative person who loves writing and wants to share my knowledge and understanding with you.