If people want to invade your privacy, they want to invade your privacy. I find it chilling, and I find it awful, and it makes me really nervous. It hasn't happened to me much, but when you have a taste of it, it's bitter.Ruth Negga

Anonymity vs Secrecy, and why you can't delete messages on SMS Privacy.

Bitcoin allows people to transact anonymously, but not in secret. The distributed public ledger records everybody's (on-chain) transactions forever, but there needn't be any personally identifiable information associated with that. Using Tor to visit an unencrypted HTTP site gives a similar sort of privacy: the content of the communication is all clear text, but the Tor network obscures the identity of the initiator, and all you see is the identity of the exit node. In both cases, you get anonymity, but not secrecy.

SMS is not at all a secret method of communication. There is no encryption, and anybody on the SMS route can very easily record the sending number, recipient number, and content of every message they route. This makes it technically impossible to offer a way to use SMS in secret.

The approach of SMS Privacy is to help with anonymity, but not secrecy. If used carefully it is perfectly reasonable to sign up for an SMS Privacy account and send and receive SMS without exposing any identifying information.

A couple of people have requested a way to delete messages. This suggests a desire for secrecy, which SMS Privacy is not able to provide. Even if we added a feature to delete messages from the database, it is very hard to guarantee that the messages have disappeared from the disk. And even if we could guarantee that the messages had disappeared from the disk, there's no way to know who else holds records of the messages.

Adding a message deletion feature would only serve to give users a false sense of secrecy and therefore we opt not to.

Another point to consider is that part of the SMS Privacy philosophy is "you don't have to trust us". You don't have to trust us not to give away your identity, because you can make sure not to let us know your identity. But if we added a message deletion feature, you would just have to take us on our word that the messages had actually been deleted, rather than just hidden from the user interface.


SMS Privacy is a project by James Stanley.
Available as a Tor hidden service at smspriv6fynj23u6.onion.
Please send bug reports, feature requests, comments, concerns, etc. to jes@smsprivacy.org.
As featured on Indie Hackers.