Comment by jFriedensreich
15 hours ago
I think this has also a silver lining. The E2E encryption movement especially for messenger apps was largely also used to silently lock users out of their own data and effectively prevent user agency to use their own data to move apps, write automations or archive, this is not just true for whatsapp (the data export feature does not fully work since its launch and was just made to appease some EU law that did not properly check if the button works until the end.) Also signal does not have a way to do this. Maybe with ai coming into the game companies finally decide to provide access to data, I just hope it's in a transparent way with user opt in and user control.
1. Is data encrypted in transit?
2. Can the user access their data at rest?
Those two things are entirely orthogonal.
I don't think you can extrapolate a trend from a few apps having bugs in their export code. Google Takeout is also notoriously buggy and they don't use E2E encryption. A more likely explanation is companies of all kinds don't care that much about export functionality, due to the incentives involved.
you CAN extrapolate from nearly all e2e encrypted apps not giving a way to use the data. And there is a big difference between buggy google export features or facebook actively making export unusable to lock in users.
Signal does not have a way to manually export your private keys and chat history, but the process of "moving" your signal account to a new phone is quite straightforward. You put both devices on the same wifi/LAN layer 2 broadcast segment, start the transfer process in the app, input the verification codes displayed on the screen from both devices, and it sends everything over. This moves the private key in a way that does not result in all of your contacts receiving the scary "this person's key has changed" message.
"Moving your account" is not what i talk about, besides not being possible between android and ios with history. User agency means a user is allowed to access his data and do what they want with it how they want, realtime and with whatever code they want to write to do so.