Centralized Infrastructure: Signal relies on centralized servers controlled by the Signal Foundation. This creates a single point of failure or control, unlike decentralized alternatives (e.g., Matrix). If servers are compromised or coerced, metadata or service could be affected.
Phone Number Requirement: Signal requires a phone number for registration, which can link accounts to real-world identities. This raises concerns for users seeking full anonymity, as phone numbers can be traced or requested by authorities.
Limited Anonymity: While messages are end-to-end encrypted, Signal collects some metadata (e.g., phone numbers, contact lists if shared, and last activity timestamps). Though minimal compared to other apps, this metadata could theoretically be accessed under legal pressure.
U.S.-Based Nonprofit: The Signal Foundation is based in the U.S., subject to U.S. laws and potential government surveillance (e.g., NSL demands). Some users distrust any service under U.S. jurisdiction due to historical surveillance programs like PRISM.
Proprietary Server Code: While Signal’s client-side code is open-source, the server-side code was historically closed-source (though it’s now open). Some users remain skeptical about what happens on the server side, despite encryption protections.
Funding Concerns: Signal is funded partly by donations and grants, including from the Open Technology Fund, which has ties to U.S. government programs. This raises suspicions for some about potential influence or backdoors, though no evidence supports this.
Dependence on Third-Party Services: Signal uses services like AWS or Google Cloud for infrastructure, which could be subject to third-party data requests or vulnerabilities outside Signal’s control.
Lack of Full Audit Transparency: While Signal’s encryption (Signal Protocol) is audited and trusted, some argue the app’s overall system (including updates and server operations) lacks frequent, comprehensive public audits, leading to skepticism about implementation flaws.
Feature Creep: Recent additions like group calls, stories, or payment features (e.g., MobileCoin integration) worry some users that Signal might stray from its privacy-first mission, potentially introducing vulnerabilities or bloat.
Social Pressure and Adoption: Some distrust Signal due to its association with activists or whistleblowers, fearing it might attract targeted surveillance. Conversely, others worry about its growing mainstream adoption, which could lead to commercialization or compromises.
