The only way to have secure chat is to use end-to-end encryption, which means that only the communicating users can read the messages.

For more secure communication, we recommend using, in order of preference:

  • Signal
  • WhatsApp / Telegram

For more secure communication, we specifically recommend avoiding:

  • Facebook Messenger
  • SMS
  • Any other chat program not mentioned above

Some applications support automatically deleting chat messages after a given time period (such as an hour or a week). Consider enabling this feature for sensitive discussions.

Signal

Signal has end-to-end encryption for individual chats and group chats.

It supports automatically removing messages.

WhatsApp

WhatsApp has end-to-end encryption for individual chats. FIXME: Does it support e2e for group chats?

  • Make sure to disable unencrypted cloud backup.
  • Note that WhatsApp is owned by Facebook.

Telegram

Telegram has optional end-to-end encryption for individual chats. It does not support end-to-end encryption for group chats.

It supports automatically removing messages in individual chats, but not in group chats.

Element

Element has end-to-end encryption for individual chats and group chats.

It is unfortunately somewhat complex and not suitable for use by non-technical users at this time.

SMS

We recommend avoiding SMS for any sensitive discussions.

SMS can be easily intercepted by an adversary, and is readily available to your phone company and the state.

Facebook Messenger

We recommend avoiding Facebook Messenger for any sensitive discussions.

There is reason to believe that Facebook stores messages indefinitely on their servers, even if you request that they are deleted. All messages are readily available to Facebook and the US government.