Security vs Privacy vs Anonymity
In the privacy community, there's often a lot of debate over the perceived superiority of certain products because of their various shortcomings with no regard for the intention of these products. For example, many people lambaste Signal for requiring a phone number. This is a fair complaint, as someone who is trying to remain anonymous should be cautious who they hand out a valid phone number to. Other messengers, such as Session, allow for usernames, meaning the person who uses it can still maintain a degree of privacy when handing out their username. But even those services have shortcomings. Wire, for example, does log information such as IP Address on sign up, meaning that unless you take additional measures it is not completely anonymous.
On this page, I want to explain privacy, security, and anonymity. These subjects often compliment each other, but they are not always dependent on each other. It is important to remember that to some extent, there are no wrong answers here. It is okay to pick a product because you value security even though that product may offer little in the way of privacy (though I don't encourage that). It's also okay to pick a product that provides privacy even though it doesn't provide anonymity. And it's even okay to pick a product that doesn't provide security if it does provide one of the other features. The important thing is that you need to be aware what these products and services are offering you so that you can use them correctly.
- Security is defined as "freedom from danger," or “protection; measures taken to guard against espionage or sabotage, crime, attack, or escape.” Think of it the ability to keep unauthorized people from accessing information, accounts, or other similar things. A real world example could be the way a lock is designed to keep unauthorized people outside of your home.
- Privacy is “the quality or state of being apart from observation; secrecy.” I call it the ability to control information. This can refer to your identity, but can also refer to information about your identity, like your words, ideas, beliefs, images, or bank information. Using the above house again, privacy can be thought of as your ability to control who has the key or the address.
- Anonymity is the state of being anonymous, or “of unknown authorship or origin, not named or identified.” It is the ability to be completely unknown by anyone. Anonymity can be thought of as privacy on steroids, but while privacy refers more to information ABOUT you, anonymity refers more to your actual identity.
- All definitions courtesy of Merriam-Webster Dictionary.
As I said, these topics often overlap. Privacy can help your security because if people don't know information about you, they can't pretend to be you to answer security questions. Security can protect your privacy by controlling who has access to that information about you. The best example I like to use is a home: security is the door lock. Privacy is the key, and you can decide who gets a copy of it. Anonymity is when nobody gets a copy of the key, or even the address.
Security without Privacy or Anonymity
The most obvious example of this, as I mentioned before, is Google. Google has had almost no major data breaches in all their years of existence, yet they know almost everything about everyone to the point that the former CEO Eric Schmidt remarked "We can more or less know what you're thinking about." Google offers world-class security with zero privacy or anonymity.
Privacy without Anonymity
MySudo is, in my opinion, a great example of this. MySudo is non anonymous. They can see your messages, they can see your metadata, and if you sign up for their masked-card service, they know exactly who you are. However, they help you protect your privacy by giving you phone numbers, email addresses, and cards to give to other companies and individuals so that you can protect your real information. The same goes for privacy.com, who allows you to use masked debit cards with literally any information attached to them. Privacy has to know who you are by law to prevent fraud, so they're not anonymous, but they can help you protect some of your privacy.
Anonymity without Security
Cash is a great example of this. Paying for a product in cash preserves your anonymity - unless the business requires it, you don't have to give any kind of information at all. Yet, you have no security if the seller doesn't deliver the item (unless you have a receipt). You have no protection from fraud or anything like that.
Security & Privacy without Anonymity
Once again, I'm going to cite Signal. Because your phone number is required, you can be unmasked by a court order or even a web search depending on the phone number you use. However, Signal is renowned for having some of the best security in the world, and the content of your messages and the information you transfer will be protected and controlled even if your identity is not.
Privacy without Security or Anonymity
Forgive me if this a gross example, but think of using the restroom when you go camping. You can find some bushes to hide behind and that will give you privacy, but have no security or anonymity. There is nothing to stop anyone from finding you, and if the police decide to ask for ID you have no protection from that request.
Security with Privacy & Anonymity
I would argue that XMPP is a perfect example of this. XMPP allows you to sign up without any real information, over a VPN or Tor connection for total anonymity. Additionally, the conversations can be protected by OMEMO encryption, meaning the data itself is also private. When used properly, this is as closed to perfect as you can get (if a bit user-unfriendly).
As I said before, these three concepts are not necessarily dependent on each other. A secure product does not guarantee privacy, a private product does not guarantee security, and anonymity does not guarantee either. Also as I said before, there is nothing wrong with valuing one facet over another. While I discourage it, it is okay to use Gmail because of Google's top-notch security even though it offers no privacy. It's also okay to use Signal even though it doesn't give you total anonymity. Just be sure you understand how a product is used. It would be awful to use Google thinking that it will give your communications privacy and then your financial details get stolen by a rogue employee. Or if you used a service like Signal to organize protests in a hostile country only to be arrested once your phone number is unmasked with a warrant. Know the limitations of the services you choose and decide what features are important to you.