This points to a serious observability issue in communications software. Nearly every #corpocentric chat platform and videoconferencing / teleconferencing platform claims that communications sent via that platform are encrypted. Many, if not most, claim to be end-to-end encrypted ( #E2EE ).
But there's no easy way to tell whether the system really is encrypted all the way from you to your friends / family / business contacts, rather than from you to the communication intermediary and from the intermediary to your contacts. Nor is there an easy way to tell what metadata is not encrypted (e.g., what information is necessary for the intermediary to set up your call, what is unneeded by available to them in unencrypted form anyway, what information they are required to collect by various governmental agencies), and whether encryption is required or optional.
Finally, laypeople have no way to judge the quality of the encryption. Is this "Deputy Jim-Bob can get a decrypted copy by entering some data in the company web site" encryption? Is this "Joe BadGuy can record the encrypted data and crack a 30 minute call in 3 hours" encryption? Or is this "the NSA, MI-6, BND, Unit 8200, DGSE & DCRI, FSB, or GRU would have to devote three weeks of their best supercomputers' time in order to crack a 30 minute call" encryption? How can one tell the difference?
I point this out because #Zoom was sued by some US states because it was caught selling data taken from calls that were claimed to be encrypted #E2EE.
And I think it was #Telegram that is said to have really good encryption, but it is optional and must be enabled on a per-chat basis.
Also, if the client app grabs the info and puts it into plain-text logs before encrypting it for transmittal, the E2EE doesn't really help, as any secret could be exposed in the logs