This week, the EU Parliament rejected chat control for the second time. 311 MEPs voted against, 228 in favor. Sounds like a victory. It isn’t.
The third attempt is coming. It always comes. Every time with a new name, new framing — but “child protection!” remains the lever that never changes. And interestingly, this time the Social Democrats (S&D) voted mostly in favor. Left-right logic has long ceased to explain anything in surveillance debates.
What does this have to do with your apps? Everything.
Because as long as you’re talking about apps rather than infrastructure, you’re playing the very game that makes chat control possible in the first place. Every time a government agency gets hacked, a journalist arrested, or a scandal breaks, the same thing happens: “Use Signal!” Or lately: “Use Matrix!” Or Session. Or Threema. Or whatever’s trending at the moment.
The problem isn’t the app. The problem is the thinking behind it.
Crypto Doesn’t Solve What You Think #
In 2013, the NSA got a problem thanks to Edward Snowden: the public learned that a data center costing an estimated $1.5 billion was being built in Bluffdale, Utah. Purpose: store everything. Everything. Encrypted or not.
Why encrypted or not? Because encryption is a time problem, not an absolute. What’s secure with AES-256 today may be plaintext tomorrow with quantum computers. Harvest now, decrypt later is the strategy — collect today, decrypt when the computing power exists.
That fundamentally changes the question: not “how good is the encryption?” but “how much is the information worth in 10 years?”
For most people: not much. For journalists, activists, whistleblowers: a great deal.
Centralization Is the Real Target #
Signal is technically solid. The protocol is sound, the cryptography is state-of-the-art. But Signal is a US company with servers in the US. One server, one operator, one jurisdiction.
Signal leaks metadata too: who communicates with whom and when is demonstrably reconstructable from traffic analysis, even without knowing message contents.
WhatsApp (Meta), Telegram (server infrastructure in Dubai, owner in Dubai, taxes in the British Virgin Islands) — all centralized services. One warrant, one server access, one backdoor request is enough.
Matrix makes it more colorful: anyone can run a server. But matrix.org de facto dominates as the home server with a massive user base. And Matrix has another problem: it’s a protocol that was built as if a VC-funded startup decided to reinvent IRC — with blockchain aesthetics, room-state DAGs, and a complexity that regularly brings even experienced admins to their knees.
XMPP: The Protocol Everyone Forgot #
XMPP is boring. That’s the best thing you can say about it.
It has existed since 1999. It’s an open standard (RFC 6120+). It was once the backbone of Google’s GTalk. And it was — less well known — technically part of early Skype’s infrastructure for presence management, before Microsoft turned it into a proprietary soup.
Today, government agencies, military organizations, and critical infrastructure operators worldwide run XMPP instances. Not because it’s trendy. Because it works, because it’s decentralized, and because you run it yourself.
The ecosystem is fragmented, yes. XEPs — XMPP Extension Protocols — are the mechanism by which the protocol is extended. OMEMO (XEP-0384) for end-to-end encryption. Jingle (XEP-0166) for voice/video. HTTP File Upload (XEP-0363) for file transfer. Not every client implements everything.
That’s intentional. Not a design failure.
Fragmentation means: no single actor can control the ecosystem. Conversations on Android, Dino on Linux, Gajim for desktop power users, Monal on iOS — each client has its niche, and none needs permission from a central gatekeeper.
The Honest Answer #
When someone asks “how do I communicate securely,” the right answer isn’t an app recommendation. It’s a counter-question: against which threat model?
- Against nosy roommates: WhatsApp is fine.
- Against data harvesters and ad profiles: Signal or XMPP with OMEMO.
- Against state surveillance from an authoritarian regime: XMPP, self-hosted, over Tor, with a carefully chosen client.
- Against the NSA in 15 years: That’s a different question, and the honest answer is “don’t write it down.”
Decentralization doesn’t beat encryption — but it exponentially increases the effort for any attacker. There’s no single instance that can be compelled by a court order to hand over all data.
That’s the real point.
What You Can Do #
Running an XMPP server isn’t rocket science. Prosody or ejabberd run on any small VPS. With OMEMO enabled and a modern client, the user experience in 2026 is absolutely suitable for everyday use.
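As an added illustration (not from this article, and not the Prosody project's own sample config), here is what a minimal Prosody 0.12 configuration for such a self-hosted server looks like: TLS enforced for clients and federation, PEP enabled because OMEMO publishes device lists and key bundles through it, and short archive retention so the server holds as little metadata as the clients need. The domain, admin JID and certificate directory are placeholders.

```lua
-- Added example: minimal Prosody 0.12 config for a self-hosted XMPP server
-- that OMEMO-capable clients (Conversations, Dino, Gajim, Monal) can use.
-- "example.org", the admin JID and the cert directory are placeholders.
admins = { "admin@example.org" }

-- Require TLS for client connections and for federation with other servers.
c2s_require_encryption = true
s2s_require_encryption = true
s2s_secure_auth = true          -- refuse federating servers with invalid certs

-- No open registration: accounts are created by the operator via prosodyctl.
allow_registration = false

modules_enabled = {
    -- core
    "roster"; "saslauth"; "tls"; "dialback"; "disco"; "blocklist";
    "vcard4"; "vcard_legacy"; "version"; "uptime"; "time"; "ping";
    -- required by OMEMO (XEP-0384): device lists and key bundles are
    -- published through PEP (XEP-0163)
    "pep";
    -- multi-device use: message carbons, stream management, client state
    -- indication, message archive and bookmarks
    "carbons"; "smacks"; "csi_simple"; "mam"; "bookmarks";
    "admin_adhoc";
}

-- Keep the server-side archive short: OMEMO payloads stay ciphertext, but
-- the archive still records who talked to whom and when.
archive_expires_after = "1w"

-- Prosody looks up certificates under this directory by hostname.
certificates = "certs"

VirtualHost "example.org"

-- Group chats (XEP-0045) with their own archive.
Component "conference.example.org" "muc"
    modules_enabled = { "muc_mam" }

-- HTTP File Upload (XEP-0363); bound disk use with a size limit and expiry.
Component "upload.example.org" "http_file_share"
    http_file_share_size_limit = 10 * 1024 * 1024    -- 10 MiB per file
    http_file_share_expires_after = 60 * 60 * 24 * 7 -- remove after 7 days
```

Run `prosodyctl check` after installing it to confirm the configuration, certificates and DNS records are consistent before pointing a client at the server.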
For those who don’t want to run their own server: there are public, privacy-friendly XMPP providers in Europe — including uuxo.net.
The question isn’t whether XMPP is perfect. The question is whether you want to trust a centralized service — or the protocol and your own server.
This article came about because every day someone asks which app is secure. The answer is more complicated than an app recommendation. And usually more uncomfortable.