The home affairs department began allowing staff to use Signal in response to the Covid-19 pandemic in 2020, and even advised employees how to turn on disappearing messages, documents obtained by Guardian Australia reveal.
The use of the app by government officials in Australia has come into focus after the global fallout from revelations that top US officials discussed operational details of a plan to strike Yemen in a Signal group chat that accidentally included the Atlantic’s editor Jeffrey Goldberg.
Signal is known for its privacy and disappearing message features. An American government watchdog group is suing the US officials, arguing that using an app with disappearing messages could put it in breach of legal obligations around record retention.
Guardian Australia sought policy documents held by home affairs – the department responsible for national security – on the use of Signal and other encrypted apps by staff, using freedom of information laws.
In an April 2020 guide provided to staff as the government grappled with the working-from-home requirement of the Covid lockdowns, the department stated that Signal had been approved for use by staff but said “official decisions made on this platform must be documented and saved to [the records management system]”.
However, the policy document lists one of the benefits of Signal as allowing messages to be sent with an expiry time, “after which the messages are deleted from the sender and recipient devices”. As “additional security advice” staff were instructed on how to turn on disappearing messages in Signal. Staff were also instructed not to enable chat backup.
A separate policy document for email, instant messaging and social media stated that messaging applications “are not appropriate for recording or storing records” and advised employees to “extract, take a screenshot or take note of any official business conducted on a mobile messaging application” for recording.
“Workers are responsible for ensuring that the settings used on devices do not erase records automatically before workers can save the records,” it read.
Documents outlining which apps were approved for communicating were highly redacted, with the department arguing that releasing the information would adversely affect the operations of the agency.
A home affairs spokesperson said records created by the department must be managed in accordance with records policy, and Signal messages “may be records of the commonwealth, depending on the content of a message”. The spokesperson indicated the records retained could go beyond just official decisions made on Signal.
“Discussion of a decision may be a record if it was created in the course of carrying out the business of the department.”
In March, the home affairs secretary, Stephanie Foster, admitted to using disappearing messages in Signal in “some cases” in her role.
“I use messaging apps – Signal included – for purposes that one might typically use a phone call for,” she said. “So, to set up a meeting, or to ask if someone’s free.”
But Foster said she complied with record-keeping requirements.
In March, the Office of the Australian Information Commissioner (OAIC) and the National Archives of Australia released an investigation into how agencies were using encrypted apps and what security and record rules were in place for work-related conversations occurring on them.
The report found that, of the 22 government agencies that responded to a survey on encrypted app use, 16 permitted its use by staff for work purposes. Of those, just eight had policies on the use of the apps, and five of those addressed security requirements for communicating on the apps.
The National Archives said home affairs’ advice to staff was consistent with its own guidelines, including allowing disappearing messages.
“The feature of disappearing messages can be used in conjunction with records management policies and guidelines,” a NAA spokesperson said.
“Agencies should retain or destroy records in line with relevant records authorities or the agency’s normal administrative practice.”
This process allows agencies to destroy “certain types of low-value and short-term information in the normal course of business”, the spokesperson said.
A spokesperson for the OAIC said messages should be subject to FoI if those messages supported the business of an agency.
“Agencies should consider the importance of upholding this right to access information in their records management policies.”
After the bombshell Atlantic report, it was reported that the US defence secretary, Pete Hegseth, had shared sensitive operational information about strikes on Houthi rebels in Yemen on a private Signal group chat he set up himself to communicate with his wife, brother, personal lawyer and nine associates.
It was also reported Hegseth had an unsecured internet connection set up in his Pentagon office so that he could bypass government security protocols and use the Signal messaging app on a personal computer.
