Employees worry that, should Signal fail to build policies and enforcement mechanisms to identify and remove bad actors, the fallout could bring more negative attention to encryption technologies from regulators at a time when their existence is threatened around the world. //
“The world needs products like Signal — but they also need Signal to be thoughtful,” said Gregg Bernstein, a former user researcher who left the organization this month over his concerns. “It’s not only that Signal doesn’t have these policies in place. But they’ve been resistant to even considering what a policy might look like.” //
For years, the company has faced complaints that its requirement that people use real phone numbers to create accounts raises privacy and security concerns. And so Signal has begun working on an alternative: letting people create unique usernames. But usernames (and display names, should the company add those, too) could enable people to impersonate others — a scenario the company has not developed a plan to address, despite completing much of the engineering work necessary for the project to launch. //
Marlinspike said it was important to him that Signal not become neutered in the pursuit of a false neutrality between good and bad actors. Marginalized groups depend on secure private messaging to safely conduct everything from basic day-to-day communication to organized activism, he told me. Signal exists to improve that experience and make it accessible to more people, even if bad actors might also find it useful.
“I want us as an organization to be really careful about doing things that make Signal less effective for those sort of bad actors if it would also make Signal less effective for the types of actors that we want to support and encourage,” he said. “Because I think that the latter have an outsized risk profile. There’s an asymmetry there, where it could end up affecting them more dramatically.”