I'd just given a talk at a conference and was having a nice chat with a young man who was doing similar work and wanted to stay in touch.
"Great, just give me your Signal number," he said.
I hesitated. I've been using Signal for several years, since it was TextSecure. As the premier end-to-end encrypted messaging app, it's by the far the most trusted app of its kind in my circles, and although it's been slow to catch up to WhatsApp and other tools when it comes to fancy features, I use just as much among friends.
But Signal—as well as WhatsApp and Viber—require you to register with and use your phone number as an identifier. What this means practically is that when I meet someone with whom I wish to connect on one of these apps, I have to give them my phone number for them to be able to message me.
I've been thinking about this as a security issue for awhile. As a woman, handing out my phone number to a stranger creates a moderate risk: What if he calls me in the middle of the night? What if he harasses me over SMS? What if I have to change my number to get away from him?
As a semi-public figure, these are real concerns. Fortunately, I can block a single harasser's phone number, but what if someone decided to make my private number public? I'm not willing to take that risk.
I'm not so surprised that the mostly-male developers of these tools didn't consider these risks—risks that largely affect women and other vulnerable groups. They've focused carefully on ensuring that their encryption works (which is key), that their user-verification models are usable and make sense, and I'm grateful for that…but I still don't want to give my phone number out to a stranger.
Luckily, I have a workaround, and a policy recommendation for app developers. Let's start with the latter:
Allow users to create alias handles
I'm not a technologist, but I've asked around, and a number of smart friends have suggested that it wouldn't be so hard for apps like Signal to allow for aliases. What do I mean? Well, imagine that young man at the conference had asked me for my Signal, but instead of giving him my number, I could give him a temporary or permanent handle associated with my account. Registration wouldn't change—my Signal would still be tied to my phone number—but the public-facing identifier could be the phone number or an alias of my choosing.
There's only one app that I know of that offers a feature like this: SudoApp boasts of allowing users to create up to nine aliases for different purposes. Wire doesn't offer multiple aliases, but also doesn't require a phone number…you can simply sign up online with your email address. I would like to see more encrypted messaging apps consider options like these.
A workaround to protect your phone number
A few years ago, I discovered a way to use Signal and WhatsApp while keeping them disconnected from the SIM I carry with me in my phone. It requires you to purchase a second SIM card (I use a pay-as-you-go that I top up every couple of months), or to use a dedicated Google Voice or other forwarding number. Here's how you do it:
1. Put your secondary SIM card in your regular phone and register your Signal account to that number.
2. After it's registered, take that SIM card out and put your regular one back in. Do not change your Signal account to that number.
You'll want to hold on to the SIM card, and make sure it stays operational, because if the number goes back out onto the market, someone can register a new account with it, thus kicking you off of yours (seriously, this happened to a friend in Lebanon, where numbers go back onto the market frequently).
You can treat the secondary number as a public number (mine is on my business cards, and I keep the SIM in an old Nokia so I can take work calls on it), or as your own little secret.
Jillian C. York is Director for International Freedom of Expression at the Electronic Frontier Foundation and a fellow at the Center for Internet & Human Rights at the European University Viadrina. A version of this article appeared on her personal blog.