It's not in the same ballpark, but this entire topic is about "An Ethical Replacement for WhatsApp". Should we then accept potential privacy issues with another service, if they are somewhat of an improvement overall? Or should we rather strive to find an alternative which also addresses or avoids those potential privacy issues.

I've been really hesitant to view Signal as a privacy friendly alternative to WhatsApp, because they still don't offer any way to make an account without a phone number, while a phone number is definitely not required to run a chat service.

Also the fact that servers are run by just one organization is very troubling to me. It's just not the right direction.

Perfect is the main enemy of good. I rather use Signal to escape the big tech clown show than wait for another decade for the perfect tech to come along, meanwhile either not communicating with anybody or using the exact services I really want to avoid.

I'm still waiting for the "other issues" to be explained that Signal supposedly has. I'm ok with my contacts knowing my phone number, and I opened the Signal account ages ago. Anything else to be concerned about?

I feel like "perfect is the enemy of good" only works when you (still) have to put considerable effort to make it better, e.g. when building software.

However currently there are already better alternatives than Signal, so in my personal opinion I feel like that saying does not apply.

It's very fine if you (and most people) are OK with sharing some personal information with a United States organization. That does not mean that everybody is fine with that, or that it's a very good solution to a chat service problem. I'm glad that Signal is a good match for your needs. But there are those of us who would rather see a decentralized service with which no personal information has to be shared.

In these kinds of discussions, I often find it a little strange when others decide that a certain solution or product must be good for everyone only because they are fine with it themselves.

If you read it again then you will notice that I didn't claim anything about everyone, only about myself. No strawmen please.

But I was asking for other issues, and you have not actually provided any?

> “Perfect is the main enemy of good”

Interesting to see this debate evolve.

Seems that phrase “perfect is the enemy of the good” is a relativistic argument. But the title’s frame is “ethics”, which one definition describes as “what is good in and of itself”. In that frame, perfection is the point, no? Though, I imagine you argue in this framework by elevating some aspects to that high standard, and work to convince other aspects are secondary. Otherwise, result is a preference argument where the trade offs you made are silent or obscured behind the practicality of your choices.

Actually not, because Facebook and Google at least explain what happens with your personal data. Again, Signal doesn't do even this.

[1] https://signal.org/legal/

First thing i saw when i clicked the link.

“Privacy of user data. Signal does not sell, rent or monetize your personal data or content in any way – ever.

Please read our Privacy Policy to understand how we safeguard the information you provide when using our Services.”

I clicked Privacy Policy and there is whole page explaining whats happening with your data.

Your comments seem a bit biased?

Also, this is untrue, as they monetize personal data by sharing it with ad networks.

You can visit their donation page [1] that contains ad pixels from LinkedIn, Google Tag Manager and Reddit. Again, no details in the privacy terms [2] about sharing visitor data to those companies.

[1] https://signal.org/donate/

[2] https://support.signal.org/hc/en-us/articles/360032293251-Do...

That's fair critique. Their website uses third parties to work and some of the services they shouldn't use. Others they probably have to use.

But you are implying that this makes the app itself broken. I don't think this is proof that the app itself is not respecting privacy like their legal documents say.

I won't fight for them. I've never even been on their website. But this is classic situation where someone else is in charge of website and marketing. I wouldn't be surprised if slapping google analytics on a website was standard for every other "privacy focused" marketing product.

When someone takes clients' private information and shares it with other businesses without providing transparency over this fact, it is actually a breach of privacy. In terms of Signal, these breaches are both about their application and about their website, illustrating a complex issue with privacy in their business organization.

I'm not saying that the app is broken, I said that it handles user privacy unacceptably poorly.

The primary purpose of a Privacy Policy is to explain how and with whom a company shares PII with service providers. This is something that is completely missing from this document for the last 7 years, according to the date of the last update at the bottom.

and what if they aren't sharing any personal data with service providers? Should they start so that you can feel their policy statement is more honest?

This is incorrect. Look at the code, there are many services integrations including PayPal, captchas etc. All this must be in privacy statement, as even IP is considered as PII according to GDPR.