What price privacy? End-to-end encrypted (E2EE) messaging app Signal has put out an interesting overview of the costs required to develop and maintain its pro-privacy systems which shield user data from tracking by default.
The blog post, penned by Signal president Meredith Whittaker and developer Joshua Lund, reveals it’s currently spends around $14 million per year on infrastructure to run the private messaging service; and a further $19 million per year on staff costs — making a total of circa $33 million to keep the lights on and its “many millions” of users’ messages safe from unintended eyes.
It also projects the cost of running its service will rise to around $50 million by 2025.
The post doesn’t break out a figure for active users for the service. But it’s likely to be in the tens of millions. (A Business of Apps‘ estimate suggested Signal had around 40 million monthly active users in 2021; while App Annie data we reported on at the start of that year suggested it had around 20 million users at the end of 2020 — prior to a surge in usage driven by an exodus of WhatsApp users concerned about changes to the Meta-owned messaging app’s privacy policy.)
Per the post, just 50 full-time staff keep the messaging service running, while also conducting research to keep pushing the envelop on privacy protection and — in the case of Whittaker at least — having what looks like a full-time job in and of itself in public policy advocacy that’s seen her shuttling around the world in recent months to defend privacy rights and try to fend off government incursions targeting E2EE.
The post conveys a clear message: Going against the tech industry grain by keeping users safe from surveillance is an expensive — but vital — enterprise.
Signal is a nonprofit so it’s not a money-making kind of enterprise. But of course it still needs to have enough funds coming in to cover costs. And, clearly, costs are rising as usage increases. Which means it needs to be proactive about finding ways to increase revenue that don’t compromise its fundamentally pro-user stance.
As the blog post details, Signal goes much further in safeguarding user privacy than even the mainstream messaging apps that have implemented its E2EE protocol (such as Meta-owned WhatsApp). “To take one example, profile pictures and profile names are always end-to-end encrypted in Signal,” it writes. “This means that Signal does not have access to your profile name or chosen profile photo. This approach is unique in the industry. In fact, it has been more than six years since we first announced this additional layer of protection, and as far as we know none of our competitors have yet adopted it.
“Other messengers can easily see your profile photo, profile name, and other sensitive information that Signal cannot access. Our choice here reflects our staunch commitment to privacy but it also means that it took Signal more effort to implement support for profile photos. Instead of a weekend project for a single engineer, our teams were required to develop new approaches and concepts within the codebase (like profile keys), which they worked to roll out across multiple platforms after an extended testing period.”
Disclosing how much it (already) spends annually on essential stuff like storage ($1.3 million), servers ($2.9 million), registration fees ($6 million), bandwidth ($2.8 million), other infrastructure needs like disaster recovery ($700,000), as well as the aforementioned $19 million on staff (covering wages, taxes and related HR costs), looks intended to (gently) jolt the audience — and, hopefully, get a few more users reaching into their wallets to chip in and help ensure a gold-standard private messaging choice.
“To put it bluntly, as a nonprofit we don’t have investors or profit-minded board members knocking during hard times, urging us to ‘sacrifice a little privacy’ in the name of hitting growth and monetary targets. This is important in an industry where ‘free’ consumer tech is almost always underwritten by monetizing surveillance and invading privacy,” it warns.
“Instead of monetizing surveillance, we’re supported by donations, including a generous initial loan from Brian Acton. Our goal is to move as close as possible to becoming fully supported by small donors, relying on a large number of modest contributions from people who care about Signal. We believe this is the safest form of funding in terms of sustainability: Ensuring that we remain accountable to the people who use Signal, avoiding any single point of funding failure, and rejecting the widespread practice of monetizing surveillance.”
As the post also details, even alternative tech tools like Signal must pay into the coffers of industry giants who own and operate essential app infrastructure like cloud computing as well as, typically, also being in the data capture and surveillance business.