
You can see the metadata outside of the E2EE envelope in Element. Things like message IDs in replies, room information, room IDs, in some cases emoji reactions, and other data will regularly find themselves as part of the plaintext message. Of course there's still an HTTPS wrapper around those components, but the point is about E2EE.

Because Matrix wasn't encrypted from day 1 and because Matrix wanted to improve the general UX, especially for people not sending their notifications through Google and Apple, this metadata is still readable by the server(s) you connect to, so that they can serve users better. None of this is new and all of it is actively being worked on, but the Matrix ecosystem isn't exactly overflowing with funds at the moment so things take time.

Whether or not this kind of metadata being available to a participating server is a problem is up to you to decide. I use Matrix, I believe the federation upsides outweigh the protocol privacy downsides, so I don't think it's a problem for me.

However, the article discusses a privacy risk in Signal that is extremely niche and hardly a problem for 99% of people. It's more false advertising than an actual privacy risk, I'd reckon. What I want to make clear is that if you are part of the 1% where even the slightest metadata analysis poses a risk, Matrix is probably not the protocol for you.

I don't think there is any mainstream protocol that does fit the bill for someone like that. I'd start looking in the direction of Threema or TorChat if Signal isn't private enough.
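
The plaintext fields listed in the comment above, as an added example (not part of the comment and not code from any Matrix project): it walks two constructed events, an encrypted reply and an emoji reaction, and reports what a homeserver can read without any decryption keys. The event layout follows the Matrix event format as an assumption; every ID and value is a placeholder.

```python
# Constructed sample events; all IDs, session names and ciphertext are placeholders.
SAMPLE_EVENTS = [
    {"type": "m.room.encrypted", "room_id": "!constructedroom:example.org",
     "sender": "@alice:example.org", "event_id": "$constructed_reply",
     "content": {"algorithm": "m.megolm.v1.aes-sha2",
                 "ciphertext": "PLACEHOLDER_CIPHERTEXT",
                 "session_id": "PLACEHOLDER_SESSION",
                 "m.relates_to": {"m.in_reply_to": {"event_id": "$constructed_original"}}}},
    {"type": "m.reaction", "room_id": "!constructedroom:example.org",
     "sender": "@bob:example.org", "event_id": "$constructed_reaction",
     "content": {"m.relates_to": {"rel_type": "m.annotation",
                                  "event_id": "$constructed_reply", "key": "\U0001F44D"}}},
]

def server_visible(event, opaque=("ciphertext",)):
    """Flatten an event to {path: value}, skipping only the encrypted payload."""
    out = {}

    def walk(node, path):
        if isinstance(node, dict):
            for key, value in node.items():
                if key not in opaque:
                    walk(value, path + [key])
        else:
            out["/".join(path)] = node

    walk(event, [])
    return out

def summarize(events):
    """Per event: what the server learns without holding any room keys."""
    report = []
    rel = "content/m.relates_to/"
    for ev in events:
        vis = server_visible(ev)
        report.append({
            "type": ev["type"],
            "encrypted_body": "ciphertext" in ev["content"],
            # Replies nest the target under m.in_reply_to; reactions carry it directly.
            "relation_target": vis.get(rel + "m.in_reply_to/event_id") or vis.get(rel + "event_id"),
            "reaction_key": vis.get(rel + "key"),
            "visible_fields": sorted(vis),
        })
    return report
```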


