I’ve been thinking about Signal lately, and specifically about something that’s always bothered me: why does the world’s most privacy-focused messaging app allow people to find you through your phone number?
Recently, Signal has tried to address this with usernames. You can now create something like “bobby41” and share that username instead of your phone number. Certainly, it is a step in the right direction, but it’s really just a bandage over the core problem.
Even with a username, Signal still enables contact discovery via phone numbers. Anyone who already has your number in their contacts can find you on Signal, regardless of whatever clever or random username you’ve chosen. Your phone number remains the master key to your Signal identity.
A better way forward
What if Signal simply turned off contact discovery via telephone numbers entirely? Instead of automatically exposing Signal users through phone number contacts, Signal could require explicit consent for all connections. Users would need to share their username directly or scan QR codes to connect. No more automatic discovery; no more unwanted contact, and no more privacy violations.
Phone numbers can remain for account security, account resets and verification, but contact discovery should become entirely user-controlled.
But what about convenience?
Let us think about that one: is automatic discovery really that convenient, or is it just familiar?
Most (all?) mobile phone-based messaging apps use contact discovery, perhaps because it was easy to implement or it provides a convenient way to connect with friends. While username systems have become common in social media and some online platforms, messaging apps have been slow to move away from phone number-based contact discovery. Besides Session, I’m hard-pressed to think of another example.
So, yes, you would need to actively share your Signal username instead of relying on automatic discovery, and that would be a feature, not a bug. It would mean that only people you want to contact you can actually find you on that network.
To put it another way, turning off contact discovery would make Signal connections consensual. For journalists, activists, or anyone who simply wants more privacy control over their communications, this would be a profound enhancement.
The harassment solution
Contact discovery via phone numbers enables harassment in ways that username-only discovery simply couldn’t. If someone wants to harass or spam you, they can easily find your Signal account if they have your phone number. As phone numbers are essentially public, those sources can include business cards, social media, or even somewhere less benign like data breaches.
With username-only discovery, harassment becomes much harder. An attacker would need to somehow obtain your specific username, which you only share with people you trust. They would no longer be able to run through a list of phone numbers, checking which ones use Signal.
For domestic abuse situations, this change could be truly life-saving. An abuser might use contact discovery to track and harass victims across platforms. Turning it off solves this problem.
Not perfect, but better privacy
Would this system be less convenient for users? No. Would it reduce Signal’s growth because finding contacts becomes slightly harder? I doubt it.
Signal has always positioned itself as the privacy-first messaging app. This change would make that positioning genuinely more meaningful; not just via encryption, but also by providing greater communication control to users.
Sometimes the best privacy improvements feel like steps backward in convenience. However, for users who want greater control over their digital interactions, that slight inconvenience becomes a feature.