Google has seemingly changed its stance on privacy as far as Allo is concerned, according to a report by The Verge.
Previously, the company had claimed end-to-end encryption for messages, but later it was revealed that it would only work for incognito chats. Now, as it turns out, all the messages sent in non-incognito mode will indefinitely be stored on Google’s servers until you manually delete them.
This is seemingly done to improve Allo’s Assistant feature, that provides responses to what you type. Having a previous chat history improves the machine learning experience, allowing the Assistant to provide better suggestions but this comes at the obvious cost of privacy. The Assistant is also the reason why regular chats aren’t end to end encrypted, as it needs access to the messages, something it cannot do in incognito mode where the messages are encrypted.
There are legal ramifications to this as well, as law enforcements can now demand to see these messages and being non-secure can easily be handed over by Google.
Bottomline is, if you want to use all the features of Allo, know that it is not secure. If you want something secure, use Signal or WhatsApp that have forced end to end encryption on all chats and don’t store information on their servers.