Ensure your privacy


Certain actors, be they governments, intrusive corporations, or just individuals with access, will not be deterred by laws that are meant to protect your privacy. Outsiders have access to your communications in a ways that are hidden from you and from the legal authorities designated to protect you.


There are three ways in which an outsider can access your instant messages:

Accessing messages in transit

As you communicate over the internet, your packets pass through many routers that are controlled by the companies that maintain the internet. When you send messages to the server, your packets are encrypted using Transport Layer Security (TLS). An outsider with access would be able to see that you are communicating with the server, but he could only read the communication if he had strong enough decrypting power. Splitters exist that provide outsiders continuous copies of internet traffic for review. TLS encryption is likely not an obstacle to governement actors.

Accessing messages on the server

Messages sent through the server are decrypted on the server, removing TLS encryption, and then encrypted again with TLS and sent to the recipient. Messages are stored in an archive on the server that is used to synchronize chat history on multiple devices. Here is an example of an archived message:

<body>Hey gruñón! We need to keep this a secret! Do not mention it to anyone!</body>

If the participants use End‑to‑End Encryption, only the metadata of each message is in plain text as seen in this example:


Accessing messages on one of the end-point devices

Messages exist in decrypted states on the participant’s devices. If an interested outsider gains access to one of the devices, physically or remotely, encryption will not prevent him from snooping.

Ensure Your Privacy

Simply by using you have a heightened level of privacy because, unlike other services, neither your email address nor your mobile phone number has an association with your account.

Here are some additional steps you can take to increase your privacy even more depending on your needs:

  • Use TOR or a VPN to prevent packet snooping and tracing packets back to you.
  • Use End‑to‑End Encryption to make message content legible only to the participants of the conversation.
  • Ensure the security of your devices by scanning them for unauthorized software. An even more secure approach is to boot your device from a trusted read-only operating system.
  • Immediately after a chat that includes sensitive information, have the participants purge their Message Archives from the Account Management Page.
  • When the participants of a chat use accounts on the domain, none of their messages are archived on the server.

Topics covered on this page:

End-To-End Encryption

End-to-End Encryption for XMPP Instant Messaging

Tor Network

Anonymize your instant messaging traffic over the Tor Network.

Last modified April 9, 2020