Signal, the ‘encrypted messenger of the future,’ has shady links to US national security interests

27 Jan, 2021 12:06

By Kit Klarenberg, an investigative journalist exploring the role of intelligence services in shaping politics and perceptions.

If the sudden popularity of the encrypted messenger Signal has seemed suspicious to you, you may be onto something – the app is at least partially funded through American foreign influence cutouts.

On January 4, WhatsApp announced sweeping changes to its privacy policies, affecting the vast bulk of its approximately two billion users globally.

The poorly explained rules were interpreted by many as proof that the messaging service was about to commence sharing users’ private data, including their conversations, with parent company Facebook, and in response millions the world over began flocking to alternative messaging services that offered end-to-end encryption.

The most common destinations for WhatsApp exiles were, and remain, Signal and Telegram. For reasons unclear, while available figures suggest the latter has to date received many orders of magnitude more fresh arrivals than the former, corporate news outlets have overwhelmingly focused on Signal’s surging intake.

Much of this coverage has been highly approving – for instance, The Guardian published a lengthy explainer on January 24 titled “Is it time to leave WhatsApp, and is Signal the answer?” The headline was answered very much in the affirmative, to the extent that readers were offered advice on persuading their contacts to likewise make the switch.

The media’s damascene conversion to the cause of encrypted communication is rather incongruous. With a few notable exceptions, mainstream reporting on encryption is typically neutral, if not outright condemnatory, the capability frequently framed as purposefully offering sanctuary to philanderers, drug dealers, paedophiles, assassins, and anyone with something sinister to hide in general.

Such perspectives strongly reflect the public positions of governments and security services worldwide, to which end-to-end encryption is by definition an extreme detriment, significantly curtailing the monitoring and collection of citizens’ communications. Privacy advocates contend authorities’ oft-expressed anxieties about encryption providing a “safe space” for criminals and the like are a cynical smokescreen to justify crackdowns on their usage and availability.

Whatever the truth of the matter, efforts to restrict access to end-to-end encryption are demonstrably ongoing, but have predominantly gone largely uncriticized if not outright unremarked upon. Now though, news outlets seem widely gripped by encryption fever.

In a palpable illustration of this abrupt paradigm shift, a mere three days before it effectively urged its readers to install Signal, The Guardian lambasted Facebook’s plans to implement end-to-end encryption across all its messaging platforms, on the basis that the move could harm efforts to reduce child exploitation.

Also on rt.com Twitter and Facebook transformed US politics into a shouting match. Has it saved their monopoly status, or doomed it?

‘At no cost around the globe’

Serious discussion of Signal’s history, and funding sources, has been entirely absent from the deluge of puff pieces on the platform to circulate far and wide in recent weeks – an omission perhaps predictable given the centrality of the US national security state to the app’s financing, creation and promotion.

Signal was launched by now-defunct Open Whisper Systems (OWS) in 2013, brainchild of shadowy tech guru ‘Moxie Marlinspike’ – real name Matthew Rosenfeld. In February 2018, responsibility for managing the app passed to the nonprofit Signal Foundation, launched with $50 million in startup capital provided by billionaire former Facebook higher-up Brian Acton, the Foundation’s executive chair.

OWS never published financial statements or disclosed the identities of its funders at any point during its operation, although the sums involved in launching and maintaining a messaging platform used by a vast number of people internationally over several years were surely significant.

Rosenfeld alleges the app “never [took] VC funding or sought investment” at any point during that time, and quite how much money was involved in total is a mystery. It’s clear though that at least $2,955,000 was provided by the Open Technology Fund (OTF) 2013-2016, and the organization’s website refers to Signal being “originally developed with OTF funding.

The site is also home to a dedicated OWS profile, which boasts of how the OTF “enabled the OWS team to continue providing Signal at no cost around the globe and adapt their operations for a growing user base.”

Propaganda radio rabbit hole

The OTF was created in 2012 as a pilot program of Radio Free Asia (RFA), an asset of US Agency for Global Media (USAGM), which is in turn funded by US Congress to the tune of $637 million annually – in August 2018, its then-CEO acknowledged the outlet’s priorities “reflect US national security interests.

RFA’s own origins harken back to 1948, when National Security Council Directive 10/2 officially authorized the then-newly created Central Intelligence Agency to engage in operations targeted at communist states, including propaganda, economic warfare, sabotage, subversion, and “assistance to underground resistance movements.

Also on rt.com Christopher Steele’s declassified FBI interview: Playing up fake sources and juggling spying jobs

The station formed a key part of this effort, along with Radio Free Europe and Radio Liberation From Bolshevism, later Radio Liberty – it broadcast unrelenting propaganda in China, North Korea, Vietnam and elsewhere. In 2007, the CIA’s official website stated these “psychological warfare” initiatives were among “the longest-running and successful covert action campaigns” the US ever mounted.

After the CIA’s role was made public in the 1970s, Congress took over running and funding the stations, before in 1999 they were grouped along with other state-run media entities under the umbrella of the Broadcasting Board of Governors, USAGM’s forerunner.

‘Shadow internet systems’

The launch of the OTF followed the US State Department, then led by Hillary Clinton, pursuing an “Internet Freedom” policy, ostensibly an effort to develop tools to subvert restrictive internet policies.

However, an extensive June 2011 New York Times investigation pointed to a far darker raison d’etre, concluding that the endeavor was in fact an effort “to deploy ‘shadow’ internet and mobile phone systems dissidents can use to undermine repressive governments.

Among these assets were State Department-funded “stealth wireless networks,” which would enable activists “to communicate outside the reach of governments in countries like Iran, Syria and Libya.”

Reinforcing this conclusion, in February 2015 Jillian York, director of the International Freedom of Expression at the Electronic Frontier Foundation and an OTF advisory board member, stated that she “fundamentally” believed Internet Freedom was “at heart an agenda of regime change.

It may be no coincidence that Signal founder Rosenfeld previously created encrypted communications programs TextSecure and RedPhone, both featured in a March 2013 Gizmodo guide, “Which Encryption Apps Are Strong Enough to Help You Take Down a Government?

USAGM is moreover evidently extremely proud of Signal, an official factsheet published November 2019 giving the app top-billing in a list of “tools supported by OTF.” The agency might be, given how popular it has become with dissidents overseas, including those in countries and regions of intense interest to Washington.

For example, Signal became the messaging platform of choice for protesters in Hong Kong after its launch, just as the National Endowment for Democracy, the US government regime-change arm, greatly increased its direct and indirect support and promotion of activists and activist groups there.

In an unexpected twist, in June 2020 funding for a number of USAGM projects was unexpectedly frozen, including OTF plans to directly aid protesters in Hong Kong, just as the administrative region prepared to implement a highly controversial and much-contested national security law.

One was the creation of cybersecurity incident response teams to analyze Chinese surveillance techniques in real-time during demonstration, and share relevant information directly with developers of secure communications apps, in order to circumvent crackdowns and restrictions. Another shelved initiative was a $500,000 rapid response fund in support of anyone subject to “digital attack” by authorities.

Still, the next month Signal became the most-downloaded app in Hong Kong, the app’s official Twitter account resultantly boasting that unlike competitor Telegram, which had just announced it would cease cooperating with authorities’ requests for user data, “we never started turning over user data to HK police.”

Devil on your shoulder

There’s no suggestion whatsoever that any US security agency had a direct hand in crafting the app’s now world-standard encryption system, or plays a day-to-day role running the company. However, the same can’t be said of popular internet anonymity browser Tor, which is frequently recommended by privacy advocates in the same breath as Signal.

First developed by US Naval Research Laboratory employees in the mid-1990s, Tor quickly caught the attention of the Defense and Research Projects Agency (DARPA), and since then has been almost entirely funded by US government entities, including the Pentagon, to the tune of tens of millions.

Its original purpose was to shield clandestine government operatives from detection in the field, by insulating them from the inherently open nature of the internet, although the potential of Tor’s anonymizing powers to enable regime change in enemy countries wasn’t lost on its funders. Perhaps unsurprisingly, it’s also supported by the OTF, and features alongside Signal in the aforementioned USAGM factsheet.

In March 2011, Tor developer Mike Perry conceded the browser may “unfortunately” not provide effective sanctuary from prying governmental eyes.

“Extremely well-funded adversaries that are able to observe large portions of the internet can probably break aspects of Tor and may be able to deanonymize users,” he said. “Though I personally don’t believe any adversary can reliably deanonymize all Tor users… attacks on anonymity are subtle and cumulative in nature.”

Among the most well-funded “adversaries” of internet privacy are of course the NSA and GCHQ, and classified documents leaked by Edward Snowden in 2013 revealed the partner agencies devote considerable time and resources to attacking and undermining the service and its users.

However, the papers also indicated the pair were keen not to discourage citizens from using Tor. After all, given that it congregates anyone and everyone with something or other to hide on a single network, surveilling their activities is made all the easier. So does Signal – and therein lies the rub.

Think your friends would be interested? Share this story!