Whether you send texts through iMessage on iPhone, RCS on Android, or a third-party app like Signal, all of them boast end-to-end encryption, which is designed to keep your chats safe, secure, and private. No one can read them but you, right? Not so fast. Thanks to a little flaw in the way your phone delivers notifications, the FBI may be able to read your conversations and even use them against you in a criminal trial.
The case
On July 4, 2025, a group of “violent assailants equipped with tactical gear and weapons” descended on an Immigration and Customs Enforcement Prairieland Detention Facility in Alvarado, Texas. One source claims that they set off fireworks and vandalized the facility. A police officer was even shot in the neck during the event. Luckily, the officer survived, and 10 perpetrators were apprehended four days later. Eight of the defendants were found guilty of multiple charges in their trial last month, and part of the evidence used to convict them came from an unlikely source: text messages procured by the FBI that were sent via Signal, an end-to-end encrypted messaging app.
This bombshell revelation comes with a few hard facts to keep in mind.
The question on everyone’s minds is, “How?” Signal’s powerful E2EE technology — dubbed the Signal Protocol — is lauded by technology enthusiasts and privacy proponents as one of the best open source encryption solutions available, yet somehow it was bypassed entirely. Even more concerning, the Signal app was already deleted from the suspect’s phone by the time the FBI gathered the incriminating messages, meaning that at least some chat data was both left behind and accessible.
So if Signal is exceptionally safe, secure, and private, how did the FBI easily gather these incriminating text messages for trial?
As it turns out, the flaw that handed this data to the FBI had nothing special to do with Signal. The feds could have gathered messages from any app, thanks to the way smartphones manage one of their most popular features.
The flaw
When you receive a push notification on your device, it comes across as a glanceable snippet of information complete with the app’s name, the app’s icon, and the details of the notification. These are known as notification previews.
Push notifications work for nearly every app — messages, social media, email, everything. And to make sure you get the most useful information from push notifications, they’re set to show snippets by default, letting you know exactly why you were pinged in the first place.
Unfortunately, while the apps that send push notifications can be encrypted, the information displayed in push notifications is stored as plain text within the device and openly available with the right tools.
RELATED: RED FLAG: FBI says these apps let China suck up your personal data
Dragos Condrea/Getty Images
That means the FBI can easily access and read this information for any push notification from any app on your device, assuming it has your phone in its possession. This includes private chats.
Notification previews on (left) and off (right)Zach Laidlaw/iOS 26 on iPhone 17 Pro Max
Cold hard facts
This bombshell revelation comes with a few hard facts to keep in mind:
This flaw only records incoming messages through the notifications system. It cannot save or replicate outgoing messages from the target device, since these are never displayed as notifications for the main user.The FBI can’t remote-connect to a targeted device to access this information. It must physically have the phone in its possession, which requires a warrant or subpoena.Although this particular case involved an iPhone, the flaw works on both iPhone and Android.
The worst part is that this isn’t the first time this particular exploit has popped up. In late 2023, Democrat Sen. Ron Wyden (Ore.) warned that governments could spy on iPhone and Android users through push notifications using a similar method. This vulnerability has been known and exploited for years with no solutions from Apple or Google.
How to hide your notifications from government spying
The good news is that there is something you can do to fix the problem right now, but it will make your phone a little less glanceable. Apple’s iOS offers a way to hide app previews from the notification system. When previews are disabled, you will still see when you receive a notification, but the information inside will be hidden from the notification shade, ensuring it isn’t recorded or saved for later access.
To disable notification previews on iPhone, open the “Settings” app and tap “Notifications.” In the first section of text, you’ll find “Shows Previews.” Tap there and change the preview option to “Never.” If you don’t want to disable all previews, you can also disable these on an app-by-app basis by clicking on the app you want to hide and adjusting its settings.
Zach Laidlaw/iOS 26 on iPhone 17 Pro Max
As for Android, the only way to hide notification previews is to disable notifications entirely, either for the whole system or for individual apps.
This isn’t advised, of course, since you may miss important notifications, but if you’d like to add an extra layer of protection between you and the government, open the “Settings” app and hop into the “Notifications” section. Then select “App Notifications” and uncheck every potentially problematic app on the list. For even more insurance, disable notification history as well.
Zach Laidlaw/Android 16 on Google Pixel 10 Pro XL
Given that this flaw has existed for years without a solution makes it unlikely that Apple or Google will patch their operating systems anytime soon. Unfortunately, this appears to be more of a feature than a bug, prompting users to take their notification settings into their own hands to prevent unwanted data leaks.
Tech, Fbi, Encrypted data, Privacy, Smartphone
