It can't happen soon enough. I installed Signal a few years ago, and the first thing it did was notify a bunch of people I had in my contacts, that I was now using Signal...
...Including the unstable frenemy-guy who was only in my contacts so I'd recognize the number if he called and I'd know not to answer...
....who immediately PM'd me on Signal to push his latest delusion and make sure I didn't disagree.
Great, just great. For a privacy-focused product, that's a pretty colossal fuckup.
I agree. I found that behaviour disgusting, and that's why I avoid Signal.
Anyone who says Signal has good privacy is just wrong. When Signal say they have good privacy, that's false advertising.
Of course, Telegram does the same thing. I have Telegram installed, and I use it, but it wasn't really a choice. I needed to access a forum which is only on Telegram :/ Unfortunately that meant I had no choice but to have people who know me notified that I installed it. Someone messaged me about 30 seconds after I installed it to say hi. I'm not comfortable about this, but as I say, I didn't really have a choice.
Then there's WhatsApp. I was surprised to read an article which recommended that, of the three, WhatsApp is probably the most privacy-respecting of the apps. I have WhatsApp installed after a long period of avoiding it, because of all people recruiters started expecting it. Hmph. I still refuse to grant it access to my contact list, because I'm not handing that over to Facebook. Which means every message is associated with a raw phone number only, and I have to guess who it is from the content :-)
You can tell WhatsApp doesn't reveal so much, by the people who have sent WhatsApp messages without being told that the recipient doesn't have WhatsApp installed and won't see the message. I've known a few people this happened to. One installed WhatsApp and found they'd been sent a message a year earlier, from someone they thought wasn't talking to them. They were talking, but the sender assumed of course the recipient would have WhatsApp.
You might want to read Whatsapp terms of service, in particular the part where they claim copyright and even the right to make derivative works on anything you transmit over their platform.
Oh don't get me wrong. I don't want to use WhatsApp. I'm only on it at all because I need to speak with people who are using it without antagonising them. I still haven't granted it access to my contacts DB.
All three of Signal, Telegram and WhatsApp make me a bit off about using them for various reasons. None of them are what you'd call "user's privacy first".
As it is, I'm currently having occasional confidential chats (at someone else's request) on Telegram secret chats, and at least that probably is what it says it is.
I don't think any of these three apps are awful.
They are pretty slick, and useful.
I don't feel too bad actually using them, any more then using say MSN, Yahoo or Freenode.
They just don't meet the advertised bar of respecting individual privacy first. And I find that really misleading in the case of Signal and Telegram in particular, which emphasise the privacy angle, and then without letting you know, sprays everyone you ever interacted with outside Signal with a notification, including professional contacts, customer service agents, people you don't like, spammers, etc.
That's because most privacy design is done by nerds who think "CIA/NSA/GCHQ/Mossad/FSB etc. might secretly whisk me away to Gitmo for my thoughtcrimes" is a far more pressing problem in people's lives than "my partner is a coercive, controlling domestic abuser", or "my employer might fire me for trying to set up a union"...
Signal can't fix social problems. Sounds like you probably ought to cut the toxic person out of your life. Or if that's too confrontational, there's always the old, "Sorry, I just got this number, don't know who you're talking about."
I understand your frustration, but Signal didn't notify your contacts because you installed it. It notified the other person, because he had your phone number.
Your local Signal installation regularly checks if any of your contacts (with the phone numbers you have of them) are registered at the Signal servers - and then lets you know it, such that you can text this contact securely.
Many people might have my phone number, possibly from a long ago. But the number itself is pretty safe -- there is no way to tell if this phone is in use or not.
Signal breaks that assumption -- it immediately tells every other user that this number is alive, valid, and can be contacted right now.
This is a terrible idea to do by default, especially if one cannot disable it.
But in this case they do matter. When you give someone your phone number, you give them the possibility to contact you. And then it should be securely, if it's possible.
A check for "aliveness" of a number can be done without Signal. Just call and see if it is ringing. You get the same information. Your Signal profile name and picture, however, will only be shared when you accept it.
Although it lacks a notification in WhatsApp it's just as easy to check a phone number for 'aliveness'. When you select 'new conversation' you get a list of your contacts with a name (from your address book) and a picture and tagline.
This is all based on your address-book so it doesn't matter if the other party knows your number or not.
