How do you know they have access to the archived data? That’s possible… but requires making assumptions that the application sends the archive data back to the company, which is not a guarantee by any means. Not everything operates via vendor-run infrastructure, most enterprise applications are designed to work with an enterprise-run solution for exactly this type of reason. This isn’t a program aimed at the general public.

They make the client application, it is entirely possible that the client simply sends that data to a specified database, and the apps on these devices are set to a server run by the US government. It’s not hard to verify where the archive info leaving a device via any network interface is going. You can’t just hide a connection from the phone to an additional random server, especially if you’re looking for weird connections when validating solutions to implement.

Is it possible that they have it running to a server run by the company? Of course it’s possible. That doesn’t mean it’s plausible, or even likely here. We don’t know how the app is set up or where it archives to. Assuming it must archive back to the company though is ignorant of how anything remotely related to these types of things work.

On a side note… When was the contract for this application setup? Was it signed by the Trump admin or has it been in place for years to archive these types of communications and we’re only talking about it now because of the Trump officials being idiots brought it into the news cycle?

An archiving application isn’t inherently insecure just because it’s third party, or even made by a foreign company. There’s a shit ton of technology bought from foreign countries because that’s the best option.