Google Starts Sharing All Your Text Messages with Your Employer

https://www.forbes.com/sites/zakdoffman/2025/11/30/google-starts-sharing-all-your-text-messages-with-your-employer/

47•toomanyrichies•2mo ago

Comments

pavel_lishin•2mo ago

> While employees have long been aware of the risks in over-sharing on email — a woefully insecure technology that is easy for employers to monitor, texting has been seen as different.

I don't think they're even that aware, but yep - this will get some careless folks in trouble.

ChrisArchitect•2mo ago

Google post: https://blog.google/products/android-enterprise/rcs-archival... (https://news.ycombinator.com/item?id=46109856)

sidibe•2mo ago

I'm surprised this wasn't already the case for work phones?

palmotea•2mo ago

The article says it will allow "employers to intercept and archive RCS chats on work-managed devices."

I can read that as applying personal phones hooked up to employer services. I think it's pretty common to force employees to consent allowing their employers to manage their device to get access to work email on it. I'd always assume that just mean they could remote wipe it, but maybe it's even worse than that.

JohnFen•2mo ago

> I think it's pretty common to force employees to consent allowing their employers to manage their device to get access to work email on it.

Is it common? I've only been asked to do that once, and I declined. I explained that it's my policy to never use my personal equipment for work purposes or my work equipment for personal purposes. They provided me with a work phone to use, instead.

kaikai•2mo ago

I’ve worked for multiple companies and only one demanded I enroll my personal phone in their device management. I pushed back in a public channel and they reconsidered the policy. I left shortly after so not sure where that landed.

Everywhere else I’ve worked I’ve had slack/teams/email/pagerduty whatever on my personal device without issues. It hasn’t felt realistic to ask for a dedicated work device for that.

palmotea•2mo ago

I don't know how common it is, but it's optional for me (at least). If I want access to work email/calendar/chat (which is convenient), I'd have to consent to some kind of device management.

But personally, I've always said no, because years ago someone at my workplace fat-fingered a command and wiped all iPhones hooked up to company services (including employee-owned personal devices). I've always seen it as a risk to my data if not my privacy.

nhubbard•2mo ago

Since this is on Android, this policy should only apply to the version of the Messages app within the work profile, right? If it didn't and could access personal messages, that would be crossing a line.

Reading the post makes it sound like this only happens on managed devices; whether that means "owned and provided by work", "within the confines of the work profile on a BYOD devices", or both, I'm not 100% sure.

lxgr•2mo ago

It’s been taking Google a minute to fully reinvent the wheel with their proprietary instant messaging solution du jour.

m-hodges•2mo ago

Periodic reminder that E2EE chat apps like Signal cannot protect you from a device that betrays you (MDM). I don’t use Signal on any work devices. I can’t do anything about my colleagues who chat with me and do.

d1sxeyes•2mo ago

Could you explain how MDM would breach E2EE? I know that it can be used to MITM TLS connections, but not aware of a way it would breach E2EE like Signal.

m-hodges•2mo ago

It doesn’t breach E2EE; it gives your employer control over the device. Once messages are decrypted on the phone so you can read them, anything your employer deploys via MDM (screen capture, keylogging, backup/forensics tools, admin unlock, etc.) can potentially copy them.

On a company-owned, fully managed device, you should treat MDM as roughly equivalent to handing your boss an unlocked device: anything you can see on-screen could be captured or exfiltrated by tooling they deploy.

d1sxeyes•2mo ago

Ah. In the EU, folks are mostly protected against that kind of overreach, even if the phone is a work device: https://globalfreedomofexpression.columbia.edu/wp-content/up...

youngtaff•2mo ago

Never assume anything you do on a work device or a work network is private

oftenwrong•2mo ago

This headline is misleading.

>This applies to work-managed devices and doesn’t affect personal devices.

"All Your Text Messages" implies _all_ messages, which is not the case.

SilverElfin•2mo ago

But many jobs require you to bring your personal device, rather than giving you a separate work phone. And when you want to connect it to your work email or calendar, since that’s what’s expected these days, you are forced to opt into their IT team’s management of your personal device. I think that makes you fall under the privacy gap the article is describing.

lern_too_spel•2mo ago

Android is a multi-user OS. One of the ways this is exposed is via work profiles, which are walled off from the main profile. The IT management applies only to the work profile.

marssaxman•2mo ago

That practice sounds like it ought to be illegal. I'm glad I have never encountered it.

halJordan•2mo ago

It is illegal, the only problem is that standing behind you is a rube who will absolutely let his employer use a private phone instead of demanding a company one

pjmlp•2mo ago

Well, I am quite sure in many European countries I can refuse that practice as per work legislation.

Now if people aren't keen into fighting for their rights, that is another matter.

AuthAuth•2mo ago

On android it splits into two seperate profiles. Personal and work and they do not share the same app data, photo,files, contacts etc.

olyjohn•2mo ago

I'm pretty sure this only works on Pixel phones if your employer enables the "Work Profile" from their MDM service. My previous employer didn't care to, and all my shit was mixed together.

ramesh31•2mo ago

>"allowing employers to intercept and archive RCS chats on work-managed devices."

Key phrase there. You should already be treating any employer provided device as completely compromised. Never do anything on those that you wouldn't be perfectly comfortable having projected on a screen in front of your entire company at a meeting.

everfrustrated•2mo ago

Looks like it shows a very obvious warning in the messages app.

See screenshot here.

Headline is clearly click-bait.

https://support.google.com/work/android/answer/13761869#zipp...

bfkwlfkjf•2mo ago

It's like Google and Microsoft are converging, no?

Show HN: Bitcoin wallet on NXP SE050 secure element, Tor-only open source

White House Explores Opening Antitrust Probe on Homebuilders

Show HN: MindDraft – AI task app with smart actions and auto expense tracking

How do you estimate AI app development costs accurately?

Going Through Snowden Documents, Part 5

Show HN: MCP Server for TradeStation

Canada unveils auto industry plan in latest pivot away from US

The essential Reinhold Niebuhr: selected essays and addresses

Rentahuman.ai Turns Humans into On-Demand Labor for AI Agents

StovexGlobal – Compliance Gaps to Note

Show HN: Afelyon – Turns Jira tickets into production-ready PRs (multi-repo)

Trump says America should move on from Epstein – it may not be that easy

Tiny Clippy – A native Office Assistant built in Rust and egui

LegalArgumentException: From Courtrooms to Clojure – Sen [video]

US moves to deport 5-year-old detained in Minnesota

If you lose your passport in Austria, head for McDonald's Golden Arches

Show HN: Mermaid Formatter – CLI and library to auto-format Mermaid diagrams

RFCs vs. READMEs: The Evolution of Protocols

Kanchipuram Saris and Thinking Machines

Chinese chemical supplier causes global baby formula recall

I've used AI to write 100% of my code for a year as an engineer

Looking for 4 Autistic Co-Founders for AI Startup (Equity-Based)

AI-native capabilities, a new API Catalog, and updated plans and pricing

What changed in tech from 2010 to 2020?

From Human Ergonomics to Agent Ergonomics

Advanced Inertial Reference Sphere

Toyota Developing a Console-Grade, Open-Source Game Engine with Flutter and Dart

Typing for Love or Money: The Hidden Labor Behind Modern Literary Masterpieces

Show HN: A longitudinal health record built from fragmented medical data

CoreWeave's $30B Bet on GPU Market Infrastructure