Your phone needs to be secure. Governments take advantage of phones to recover phone numbers, voice mails, emails, notes, texts --- anything sensitive that's ever passed through a phone. They'll even use phones to impersonate reporters and activists to their sources.
When a secure phone is locked, it won't give up any of its data. But even a secure phone won't protect you if it's unlocked!
iPhones are the safest phones, safer today than Android.
There are a lot of reasons for this, but the simplest and most important is that only one company (Apple) makes iPhones, while many different companies (Samsung, Google) cooperate to make Android phones. That means securing an iPhones an easier technical problem.
You can make an Android phone secure, but it takes some technical savvy to pick the right phone model and to know how to lock it down. Meanwhile, any recent Apple phone can be made safe without much effort. If you're not sure whether you're savvy enough, you should use an iPhone.
That may be all you need to know. But if you'd like to know more about why you should use iPhones, here are some additional details.
iPhones are more likely to have software updates applied: All phones run software. All software has bugs. Security flaws come from bugs. So it's important that your phone be updated regularly, to get the latest bug fixes. iPhones can update themselves automatically, and Apple updates even relatively old iPhones. Android phones are updated less frequently, and some Android vendors barely publish updates at all.
iPhones have better encryption: Modern phones are encrypted, so you can't get data off them when they're locked. The iPhone was designed for cryptography, and Apple controls both the hardware and software for the iPhone, so it has special hardware support for crypto (like the "secure enclave").
iPhones are locked down: Android is an open platform. The iPhone is closed: it only runs software approved by Apple. Openness is a good thing, but it makes security harder, by increasing the number of bad things that apps you download can do (or be tricked into doing).
The security advantage of a closed platform phone is eliminated if the phone is "jailbroken", which people sometimes do to install software vendors don't approve of. Both Android phones and iPhones can be jailbroken, but Androids are far more likely to be jailbroken than iPhones. Either way: don't jailbreak your phone.
No matter what phone you use, you need to follow some basic safety rules to protect your data and the data of the people you talk to.
-
Set a long passcode on your phone, or, even better, a passphrase. If someone can guess your passcode, all bets are off. With a decent passphrase, even governments may not be able to open your phone without your help.
-
Use secure messaging software. Text messages are insecure even if you use a secure phone to send them. The best secure messaging software is called Signal, and its free to use. If you can't use Signal, you can get some security from WhatsApp and Facebook's Messenger, which license Signal's technology. Don't rely on the built-in messaging application, or on email.
-
Be careful about cloud backups. Surprising though it made seem, if you're using an iPhone, there is probably no computer in the world that is safer for your data than your phone. "Cloud" is computer jargon for "other people's computers". Consider backing things up only to a computer you own. If you do this, make sure you encrypt your backups: for iPhones, that's a check box you may have to click in iTunes.
Telegram does not have better encryption than WhatsApp, which uses the Signal protocol. It may have nicer features, but security researchers laugh at the encryption Telegram uses. For sourcing on this, consult @jzdziarski.