Iranians are forced to use homegrown apps as the authorities tighten internet restrictions for security reasons Copyright AFP ATTA KENARE
With digital surveillance at an alltime high and tech companies facing pressure to weaken encryption, the battle for truly private communication has hacktivists, journalists, and all privacyconscious users facing an unprecedented challenge—finding a messaging app that truly protects their anonymity, metadata, and personal identifiers.
Despite the rise of socalled “secure” messaging platforms, many popular apps like WhatsApp, Signal and Telegram still expose users to surveillance risks, personal identifiers, metadata tracking, and legal vulnerabilities.
Alexander Linton, President of the nonprofit Session Technology Foundation, has explained to about the evolving threats to secure communication and the technologies reshaping the future of digital privacy, including the $SESH token facilitating decentralized private messaging, onion routing and others.
In an age where governments and corporations alike collect vast amounts of personal data, hacktivism—activism through hacking—has emerged as a powerful tool for exposing corruption, protecting civil liberties, and pushing back against digital overreach. From whistleblowers leaking classified information to anonymous groups taking down oppressive digital infrastructures, hacktivism is reshaping how power operates in cyberspace.
Yet, as hacktivists and privacyconscious individuals navigate an increasingly surveyed Internet, they face a critical problem: finding a truly secure, encrypted messaging platform that doesn’t compromise their anonymity. Many socalled “secure” apps still collect metadata, require phone numbers, or operate under jurisdictions where they could be compelled to turn over user information.
What to Know Before Choosing a Secure Messaging Ap
Linton has provided the following advice to readers:
End Encryption Isn’t Enough
Most popular messaging apps tout endtoend encryption (E2EE), but that doesn’t mean they’re fully secure. While E2EE ensures that messages can only be read by the sender and recipient, many apps still collect personal identifiers like phone number and email address as well as metadata. This can expose who you communicate with, how often, and even where you are. This data can be just as revealing as the message content itself.
Beware of Metadata Collection
Even if an app encrypts your messages, it may still collect metadata that can be used to map your social connections. Apps like WhatsApp, for example, encrypt messages but still store metadata, which can be accessed by law enforcement agencies. A truly secure app should minimize or eliminate metadata collection.
Avoid Apps That Require Personal Identifiers
Many encrypted messaging apps require a phone number or email for registration, creating a traceable link between your identity and your communications. A more secure alternative would be an app that allows users to create anonymous accounts without any personally identifiable information (PII).
Centralized vs. Decentralized Messaging Apps
Centralized apps store messages on companycontrolled servers, making them potential targets for data requests or breaches. Decentralized platforms, on the other hand, distribute messages across a network, reducing the risk of any single point of failure or control. Apps using decentralized architecture or peertopeer messaging can provide much stronger security.
OpenSource vs. Proprietary Code
A truly secure messaging app should have opensource code, allowing cybersecurity experts to audit it for vulnerabilities. Closedsource (proprietary) apps require users to trust the company’s security claims without independent verification—an approach that has repeatedly led to hidden backdoors and privacy breaches.
Jurisdiction and Legal Risks
Where an app is based matters. Messaging services headquartered in countries with strict surveillance laws or intelligencesharing agreements (such as the Five Eyes alliance) can be legally compelled to turn over user data. Choosing an app based in a privacyfriendly jurisdiction, or one with zeroknowledge policies, is optimal. While not foolproof as laws can change, and companies can be compelled to cooperate with foreign governments, can be a safer bet.
The Risk of Compromised Encryption
Some governments and intelligence agencies have actively worked to undermine encryption standards, such as attempts to mandate backdoors in encryption. Be wary of apps that have ties to companies known for cooperating with surveillance efforts or that use proprietary encryption protocols that haven’t been independently verified.
SelfDestructing Messages and Ephemeral Data
For maximum security, secure apps should also avoid cloud backups unless those backups are endtoend encrypted and usercontrolled.
The Future of Secure Communication in Hacktivism
As governments and corporations continue to crack down on digital privacy, the demand for truly secure messaging apps will only grow. Hacktivists, journalists, and privacy advocates must stay ahead of evolving threats by choosing platforms that prioritize security, decentralization, and anonymity.
In a world where digital surveillance is the norm, a truly secure messaging app must go beyond basic encryption. It should minimize metadata collection, avoid requiring personal identifiers, and operate on an opensource, decentralized infrastructure. For those engaged in hacktivism or anyone concerned about privacy, understanding these risks and making informed choices is critical.
The digital landscape is constantly evolving, and new threats emerge regularly. Therefore, the fight for privacy is ongoing—but with the right tools, it’s still possible to communicate securely in an increasingly monitored world.
