What Cybersecurity Experts Want You To Know About Leaked Texts
What Cybersecurity Experts Want You To Know About Leaked Texts
https://www.huffpost.com/entry/cybersecurity-text-leaks_n_696fa836e4b0ced6f58707d5
Publish Date: 2026-01-20 19:57:00
Source Domain: www.huffpost.com
Using an unordered list, summarize the following article with between 4 and 8 key points. We all have a regrettable person or two in our contacts that we probably shouldn’t be texting — and plenty of us have learned what happens when you don’t watch your own back in an exchange with a frenemy who has quick screenshotting fingers. It seems French President Emmanuel Macron learned this lesson the hard way when President Donald Trump included screenshots from their text exchange and posted them early Tuesday morning.While the behavior might be uniquely worrisome when exhibited by world leaders, we do live in an age of “receipts! proof! timelines!” when private citizens surveilling one another (often explicitly trying to punish others via that same surveillance) feels fairly normalized.No, you aren’t going to have matters of foreign diplomacy blown up for public consumption ― but that bitchy comment you made in the soccer team carpool group chat could break containment in an alarmingly similar way. HuffPost spoke with experts on the practical and legal side of cybersecurity to unpack how you can keep yourself and your communications a little bit more secure. Here’s what Macron (and you) can take away from getting your texts screenshotted and posted. There may not be anything “illegal” about Trump’s screenshot posting. But that doesn’t mean there won’t be consequences. They just aren’t quite legal ones. “As far as I’m aware, there haven’t been any international treaties or any laws that have been broken due to this,” Maria Villegas Bravo, counsel for theElectronic Privacy Information Center, told HuffPost.“There’s no real expectation of privacy outside of the trust you place in these other people that you are working with and sending messages to, so it is definitely breaking an unspoken mutually-assured agreement among a lot of the members of diplomatic corps [and] among world leaders,” she said.However, it can be really concerning to see leaders demonstrate a less-than-safe cybersecurity ethos — and it makes sense if it raises some alarm for you as a citizen.“There really needs to be a lot stronger op-sec, both in terms of a counterintelligence angle of other governments learning what the US government is up to — that is obviously a huge angle — but also for transparency reasons,” Villegas Bravo said. “There are a lot of records that should be maintained by the federal archives that just aren’t being documented properly and that means that there’s less transparency into what the government is deciding to do, how they’re deciding to do things and what they’re able to provide in FOIA requests or other open-government requests.”“I do believe this is going to limit a lot of the trust and a lot of the ability of world leaders, international governments, from speaking candidly — and maybe not through official channels with the US government,” Villegas Bravo continued. “So there might be some breakdown in communication. But, technically, from what I understand, not illegal.”picture alliance via Getty ImagesThe trustworthiness of the person on the other end of the line matters a whole lot when deciding whether to use a more informal communications channel like texting. Private citizens do have a few more protections — for example, if your private information is “leaked to the press or the community at large,” Villegas Bravo said. You might be able to sue in cases where your privacy has been violated in a way that is “sufficiently widespread to be constituted as disclosure.” (Think: something like the Hulk Hogan sex tape situation in 2015.) Likewise, some state-level laws like Daniel’s Law in New Jersey allow “covered persons” (judicial officers, prosecutors, law enforcement, child protective service investigators and their immediate family members who share a household with them) to have publicly identifying information deleted from public websites. “If [a covered individual’s] private information, their address or their phone number, is leaked to the public, they are able to have that taken down or have that removed from public websites,” Villegas Bravo noted, “which is really great, but should be expanded really to the general public.” But, again, these laws don’t protect you from someone you chose to communicate with choosing to pass along what you communicated to them. We’ll get to some more technical tips later — but the best defense is not sending something you wouldn’t want read aloud via text.“There’s a very common refrain in like the legal world: ‘Don’t send an email, don’t send a text, unless you’re willing to have a judge read it into the record in trial.’” Villegas Bravo said, later adding: “That should be something you’re considering with every message you send, especially with more sensitive or more intimate details or maybe classified information.”This can feel obvious, but it’s something a lot of people might overlook in daily life, when our phones feel like extensions of ourselves and the threats to privacy are so numerous.That’s also why it’s important to consider the proper channel for the kind of communicating you’re doing before you send a text. This can range from making sure you’re using the “correct” channels for more official work (like if you work in the government) or “monitoring your communications, knowing what should be an in-person conversation versus what should be written down versus what should be maybe a phone call,” Villegas Bravo said. This is also important for activists in group chats (yes, even the encrypted ones): “I think people get a little bit more willy-nilly there, thinking like ‘Oh, I’m on an encrypted chat platform. Therefore, this is safe,’” Thorin Klosowski, a security and privacy activist at the Electronic Frontier Foundation, told HuffPost. “But that just kind of accounts for one part of the equation, one part of the danger. If there’s people you don’t know in there, that’s always gonna be a risk — even just people that you do know who maybe you don’t trust super well.” Avoiding handing a “paper trail” over to someone who sucks certainly helps. Ultimately, the trustworthiness of the person on the other end of the line matters a whole lot when deciding whether to use a more informal (and often more insecure) channel like texting. Villegas Bravo said a lot of this comes down to “forethought” and “knowing who you’re talking to when you’re talking to them and what kind of paper trail you’re leaving.”“It’s one of those things where it’s like you don’t expect the leader of a country to so blatantly go against known diplomatic practices,” she said. “But for, like, the everyday person? Yeah, just know who you’re talking to. Do you trust them? How much are you willing to go public with certain things?” In a worst-case scenario where your texts get screenshotted and leaked, as Klosowski said, you might just end up at the mercy of that recipient’s humanity. And, unsurprisingly, your mileage may vary with that one.“I don’t know that there’s much you can do beyond asking that person politely to remove the thing that they shared or to not [share it] if they have a screenshot but haven’t posted it on the internet,” Klosowski said. “I don’t think there’s a lot you can really do beyond just appealing to their human nature.”It’s up to you to determine if the person on the other end is someone who has such a nature you can appeal to — but you can avoid putting yourself in that situation entirely by also staying firmly aware of who you are speaking to and what you are speaking to them about. (And that does include checking to make sure the chat you’re in doesn’t have some random guy in it.)“In my experience, people just kind of tend to forget — especially in group chats — there’s a lot of different people in those and forgetting who is in them or not knowing everyone who is in them is kind of a recipe for something to get screenshot or shared without your knowledge,” Klosowski said.You do still need to practice some digital hygiene.A high-level faux pas can be an open door to cleaning up your own cybersecurity hygiene and safeguarding your own butt against an embarrassing and preventable disclosure. One thing both Klosowski and Villegas Bravo emphasize is that using and familiarizing yourself with encrypted messaging options (and their features) is something you should prioritize. “There are some tools in some apps that you can use,” Klosowski adds. “Especially with one-on-one communications, you can turn on something like disappearing messages, which at least makes it so something doesn’t stick around — but does not stop someone from screenshotting in the moment.”Even if you are already firmly using one of these apps, it can help to get under the hood of the specific one you’re using (EFF has guides for Signal and WhatsApp readily available) and understand how features like disappearing messages, group chats and even your contact list work to avoid doing something you’ll regret.“There’s not a magic bullet here, and I think that’s kind of the lesson for all of us,” Klosowski said. “You can tweak settings to any degree, but if you aren’t familiar with how the apps work, what they’re doing and what your friends aren’t doing … having a curiosity about how these work and actually spending time in [them] instead of just sending messages back and forth and assuming you’re safe is the best way to protect yourself with the people you talk with.” You can also use resources like EFF’s “Surveillance Self Defense Toolkit” to familiarize yourself with more cybersecurity best practices that fit you and your communication style.
