They called it “Android RCS Archival.”
It happened on Pixel phones and other Enterprise-managed Android devices.
And then the privacy of your texts—RCS and SMS—just evaporated.
Forget the end-to-end encryption hype. That encryption protects your message in transit. Once it lands on that work-managed device? It’s decrypted. And now, Google is letting approved third-party archival apps plug directly into the Google Messages app itself.
This means your employer can now read and archive those RCS chats. They can log them for compliance reasons. This isn’t just for super regulated industries anymore, either. All organizations can enable it. Suddenly, that “perk” of having a work phone? Not so great anymore.
What Exactly Gets Archived? (Jotting Notes)
This archival solution is thorough, which is the scary part, let’s be real.
-
Sent and Received: Obviously, the message content itself.
-
Old Messages: It’s backwards compatible with older SMS and MMS texts, too.
-
Edits and Deletes: The system is notified upon every message event—sent, received, edited, or deleted. So, trying to clean up your chat after the fact? Doesn’t work. The archive has the record.
-
Transparency: Google claims employees will see a clear notification when the feature is active. But that’s the extent of the control you have.
The thing is… employees have always used texts differently from email. Email is insecure, everyone knows it gets monitored. Texting felt private, especially with encryption banners flashing. But that was a widespread misunderstanding of encryption. Once it’s on the device, it’s fair game for the device controller. Google just formalized it.
WhatsApp & Shadow IT: Where Do We Go Now?
This whole situation totally underlines why people jump to “shadow IT” systems—WhatsApp and Signal. They want to communicate without the corporate eye.
The good news? The update is specific to RCS within Google Messages. It does not affect WhatsApp or Signal. These are “over-the-top” platforms. They control their own encryption and decryption, and they are not deeply embedded into the phone’s OS like carrier-level RCS is.
However, even with WhatsApp, you have to be careful about backups. If your WhatsApp backups are wrapped into a general, non-encrypted phone backup (like backing up an iPhone to iCloud without Advanced Data Protection), then your saved messages can be accessed. WhatsApp offers fully encrypted, standalone backups. You need to use those.
And here’s the other kicker, the counterparty risk. It doesn’t matter how secure your end is. If the person you’re messaging takes a screenshot, has an unsafe backup, or uses some spyware browser extension (which, surprise, are still being discovered), your content is compromised.
Now, you just add “Work-Phone Archival” to the list of risks. You won’t know if the person you’re chatting with is on an archived work phone. You just have to beware of anything you send. The rules changed today. Forever ongoing.
End…..
