Over 6 billion text messages are sent in the U.S. every single day. That’s 6,000,000,000. Ninety-seven percent of Americans send at least one text message per day. The average Millennial exchanges 67 texts per day. Text messaging is rapidly becoming the preferred method of communication for many people. But just how private are those messages? Do you know? Do you even care?
Although it’s not completely bulletproof, Apple’s iMessage service comes close, by providing “end-to-end encryption” for the content of the messages exchanged using its servers. That protects the actual messages you exchange, but there’s other useful data from those messages that law enforcement can still obtain. For example, the geolocation data and other metadata attached to each message is not necessarily encrypted, and can therefore be accessed by law enforcement — with a warrant, that is. That’s because thanks to the U.S. Supreme Court’s unanimous 2014 decision in Riley v. California, police are required to get a search warrant before they can lawfully access any individual’s smartphone.
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
— Benjamin Franklin
So how private are your text messages? The answer depends, because they’re about as private as you want them to be. If you use Apple’s iMessage service, and your account is secured with a strong password, and two-factor authentication, and you don’t share any devices with your children, spouse, or other individuals, then you’re in pretty good shape. Again, it’s not bulletproof, but it’s reasonably secure.
To put it bluntly, I am confident that my messages are private, but only to the extent that the person I’m exchanging messages with cares about their own privacy. For that reason alone, I will not discuss sensitive issues or privileged matters with clients via text message. Problems will arise. For example, who owns the device they’re using to communicate with me? Who pays for the service? Is it a shared plan? When the device or the service (or even the Wi-Fi connection) is provided by a third party, such as an employer, for example, can have serious implications on whether the communication is in fact privileged or not.
Right now, there is a fight on Capitol Hill, and in state legislatures across the country, to enact laws that would require smartphone manufacturers to provide a “backdoor” to any communication device manufactured and sold. Just last month, a New York state senator proposed a bill that would require any smartphone “sold or leased in New York,” to “be capable of being decrypted and unlocked by its manufacturer or its operating system provider.” In reality, bills like this, which are only effective at the state level, are misnomers. The only effect they could have is to send New Yorkers to neighboring states to purchase smartphones. To be effective, anti-encryption laws would have to be enacted at the federal level. Period. And that’s not happening anytime soon.