Privacy: Encrypted Messaging

End-to-end encrytion (E2EE) is a form of communication where the messages are encrypted in such a way that only the people involved in the conversation can read them. See Understanding Encryption for more information on this.

These days, all messages are encrypted (except SMS text messages), but the service provider (Google, Facebook, etc) has the keys to decrypt your messages and can read them if they want to or are ordered to by a warrant. This means that a company can scan your messages to insert unwelcome ads or alter or block messages entirely, or that a rogue employee can steal the images and information you transmit. E2EE Messaging makes this impossible.

The most important thing is to make sure the person you're contacting is using the same service as you. These services only work if both parties are using the same encryption system. When making your decision, you should consider if any of your contacts are already widely using an encrypted messenger. If none of your contacts are using an encrypted messenger or if you think there's room for improvement, consider one from the list below.

WhatsApp is owned by Facebook, who is a notorious enemy of privacy, and collects metadata. (Source)

Telegram is better than WhatsApp, but still has several serious shorcomings such as collecting metadata, centralization, and no encryption by default (and no ability to encrypt group chats at all). Use Telegram with caution

Product/Service	Pros	Cons
Click here to see my criteria for selecting these services
Click here for a visual version of this chart
Listed in alphabetical order, not order of recommendation
Jami	Available on Debian, Mac, Windows, Android, and iOS. Peer-to-peer Username-based Anonymous	Not audited Not metadata resistant No disappearing messages
Matrix	Available on Debian, Mac, Windows, Android, and iOS. Decentralized Username-based Anonymous Can be self-hosted Can be bridged to communicate with other services such as Slack, Telegram, Signal, Discord, Facebook, and more. Popular clients include Element, FluffyChat, and SchildiChat.	Not audited Not metadata resistant Default homeserver based in the United Kingdom No disappearing messages.
Session	Audited Available on Debian, Mac, Windows, Android, and iOS. Decentralized Username-based Metadata resistant Anonymous Offers disappearing messages	In beta, some instability still present Voice & video calls in beta
Signal	Audited Available on Debian, Mac, Windows, Android, and iOS. Does not log metadata Offers disappearing messages	Based in the United States Centralized Phone number required Signal has come under fire recently for a number of ethically questionable business practices Server source code went almost a year without a public update with no explanation
Threema	Audited Available on Android, and iOS Based in the Switzerland Username-based	Centralized Not free No desktop app, web only No disappearing messages
Wire	Audited Available on Debian, Mac, Windows, Android, and iOS. Username-based Offers disappearing messages	Based in the United States Centralized Collects some metadata Parent company deals heavily with analytics and data collection. This casts suspicions on the intent of the parent company and future uses of Wire's data collection.
XMPP	Available on Debian, Mac, Windows, Android, and iOS. Decentralized Username-based Anonymous depending on the server Popular clients include Conversations, and Monal.	Not audited Not metadata resistant Does not support phone or video calls in most servers No disappearing messages

Briar is only available on Android (and a Linux version still in testing). As such it does not meet the requirements for listing on this website. However, I once had the opportunity to speak with a war refugee who strongly promoted Briar. She pointed out that Androids are actually far more common than iPhones, particularly in war-torn parts of the world like hers. Additionally, Briar can work even in parts of the world where the infrastructure is unreliable or has been destroyed. She had several stories to share of how she and her community used Briar to coordinate, stay safe. and stay alive. This is because Briar - like Jami - is a peer-to-peer messenger that does not rely on any servers - it connects directly to other devices via Bluetooth or WiFi, making it both impossible to censor and viable even when the internet or cell towers are not functional. What makes Briar stand out from Jami is that Briar is specifically designed for journalists, activists, and those with particularly high threat models. It routes data through Tor when possible to strip metadata. Briar is considered one of the most secure options available for private messaging. Again, Briar is not officially recommended here because it is not cross-platform, but if you live in a highly volatile area with unreliable networking and a high number of Android users in your area, Briar would be my top recommendation without reservation.

For high-risk individuals, the jurisdiction of the provider is important. Jurisdiction determines what laws they follow and who can issue legal orders.

Some additional resources for deciding which secure messaging is right for you could include the Secure Messaging Apps Comparison Chart, SecuChart, and this chart.