Skip to content

Security vs. Privacy vs. Anonymity

The three distinct, but deeply connected pillars of digital protection that the entire SPA ecosystem is built on.

πŸ“– The Basics

What It Is

Security, privacy, and anonymity are three separate properties of digital protection. While they often work together, and you usually want elements of all threeβ€”they describe unique goals. Security is about keeping unauthorized parties away from your data. Privacy is about controlling who can access your information and under what conditions. Anonymity is about severing the link between your actions and your identity entirely.

How It Works

I think an example is the best way to illustrate the unique properties of security, privacy, and anonymity. Let's say you walk into a pharmacy and buy something sensitive like HIV medication, a pregnancy test, or addiction treatment medications. (Fill this in with anything you'd rather not broadcast to the world.) There are three unique properties you need to consider:

Security

Security asks: can the wrong people access this data? A secure pharmacy has encrypted payment systems, access controls on its databases, and protection against breaches. That's a great start, but notice what security doesn't address: it says nothing about what the authorized parties do with your information once they have it. In other words, can the pharmacy and its third-parties be trusted with the information?

Privacy

Privacy asks: who knows what about me, and did I consent to that? Does the pharmacy sell purchase data to third parties? Can you opt out of their loyalty program? Could you pay with an alias to limit what gets recorded? Privacy is about controlling the conditions of access, it's the ability to confidently know exactly what the pharmacy does and doesn't know about youβ€”regardless of their security practices.

Anonymity

Anonymity asks: can this be traced back to me at all? This goes further than privacy. It means making the purchase in a way where your real identity is never attached to the transaction, it's completely trustless. Paying cash, forgoing insurance, perhaps obscuring other identifying characteristics. The action is real. The connection to you isn't. This removes the need to trust the pharmacy at all.

Choosing Privacy Tools

The relationship between each property plays out constantly when choosing tools. Let's take a look at choosing a messaging app. Signal is a common recommendation because messages are end-to-end encrypted and they retain almost nothing about users. But Signal requires a phone number to register, which means your account is tied to an identity, even if you hide it with a username. When we zoom out, we can see that Signal emphasizes strong security and privacy, but not necessarily anonymity.

Other messengers like Session or SimpleX take a different approach with no phone numbers and no accounts linked to your name, because they're optimizing more heavily for anonymity. Neither approach is universally better, in fact many consider Session a less secure messenger than Signal. The reality is they all reflect different priorities for different threat models.

graph TD
    A["πŸ” Your Digital Protection"] --> B["πŸ›‘οΈ Security"]
    A --> C["πŸ”’ Privacy"]
    A --> D["πŸ•ΆοΈ Anonymity"]
    B --> B1["Protects against:<br/>Unauthorized access<br/>Hackers, breaches, theft"]
    C --> C1["Protects against:<br/>Authorized misuse of your data, surveillance capitalism, data brokers"]
    D --> D1["Protects against:<br/>Identity being linked to actions, tracking, targeted exposure"]
    B1 --> E["Together: Security can enable Privacy.<br/>Privacy can enable Anonymity.<br/><br/>Your threat model determines<br/>how much of each you actually need."]
    C1 --> E
    D1 --> E

Diagram: Security prevents unauthorized access, Privacy limits authorized misuse, and Anonymity severs the link between actions and identity. Your threat model determines which mix you need.

🎯 Why It Matters

Conflating these three concepts is one of the most common mistakes people make when evaluating digital tools.

Someone can use full-disk encryption (strong security) while still having everything they do logged and sold by every app on their device (poor privacy). Someone can use a privacy-respecting messaging app (good privacy) and still be identifiable by their phone number or IP address (limited anonymity). Someone can achieve near-complete anonymity with Tor, cash, no accounts, but still have their data stolen if their device is compromised (weak security).

Getting the diagnosis wrong means applying the wrong solution. This is exactly why the SPA Quiz doesn't just ask what tools you wantβ€”it asks what you're trying to protect and why. Your answers shape whether you need to focus on S, P, A, or some combination of all three.

Understanding which property you're actually trying to achieve and which tools actually deliver it is the foundation everything else builds on. Going back to our messenger example: for some of you, Signal will be the perfect solution as you don't need absolute anonymity in a daily messenger. For those with higher threat models, Signal could come with sacrifices that are unacceptable for your concerns.

πŸ’‘ Common Misconceptions

"Security and privacy are the same thing."

They overlap, but they answer different questions. Security is about keeping the wrong people out. Privacy is about controlling what the authorized people get to do with your information once they have it. A hospital can have flawless cybersecurity and still sell your prescription history to advertisers.

"Strong security automatically gives me privacy and anonymity."

The 2020 Ledger data breach is a clean example of why this isn't true. Ledger sells cryptocurrency hardware wallets designed to offer serious air-gapped security. But when the company's customer database was breached, roughly 1 million customer email addresses were exposedβ€”and for a smaller subset of customers, names, home addresses, and phone numbers were posted publicly too. This drew a target on the back of everyone who owned enough crypto to bother buying a hardware wallet. The device's security held. The privacy of who owned one didn't, and once identities were tied to "this person holds crypto," anonymity was gone too. Three properties that all depend on each other.

"Anonymity means doing something secret or suspicious."

Anonymity is just unlinking your identity from an action. The action itself can be completely ordinary like buying medication, reading a news article, or sending money to a relative. There are countless reasons someone might want a normal activity uncoupled from their name. Does anyone ask questions when their library gets an anonymous donor? Obscurity can also matter: using an old phone you already own for a sensitive purpose is more anonymous than buying a dedicated "anonymous" device, because the old phone doesn't signal anything to anyone. Blending in is often more effective than standing out.

"I only need to focus on one of these."

Most people gravitate toward one of the three: security feels concrete, privacy feels powerful, anonymity feels niche. The honest answer is that the mix you need depends on what you're trying to protect and from whom. Some people genuinely only need one pillar, but most need elements of all three, just in different proportions.

"True anonymity online is impossible, so why bother?"

Total, permanent, against-every-adversary anonymity is genuinely hard...maybe impossible. But anonymity isn't binary. Most people benefit from partial anonymity against specific parties they care about. Your search engine not knowing it's you, your messaging app not requiring a phone number, your purchases not being linked to a marketing profile. The right question is almost always "anonymous from whom, in which context, for what?"

πŸ—£οΈ Henry's Take

Almost every mistake I see in how people approach digital protection traces back to confusing these three pillars. Someone hardens their device with full-disk encryption and a password manager, then files their taxes through an app that sells their financial profile to data brokers. Or maybe a journalist in a hostile environment uses Signal religiously but registers it with their real phone number and assumes they're untraceable.

The Ledger breach I covered earlier is a real, tangible example: owners of one of the most secure devices in the cryptocurrency world had their names, home addresses, and "I own crypto" status leaked to the open internet. The device security held. The privacy and anonymity around purchasing the device didn't. Cupcake, which instead turns an old phone into your hardware wallet, makes the trade-off concrete: slightly less dedicated security, but better privacy through obscurity, with no "crypto device" purchase trail. Different approaches with different tradeoffs.

I think security tends to be the easiest to grasp since most people instinctively understand they don't want their bank accounts broken into. Privacy is harder, because it requires deciding which authorized parties you actually trust with which information. Anonymity is hardest, because it involves designing your behavior so an action and an identity never get connected in the first place. None of the three is inherently more important than the others; what matters is which mix matches your life right now. Pick the pillar with the biggest gap, start there, and reflect again in 3-6 months. The threat landscape changes, and so will you.

βœ… Henry's Picks

This article isn't designed to recommend a specific tool, it recommends a process for figuring out which tools you actually need.

  • SPA Quiz: A short assessment that maps your situation to the pillars you should focus on. The fastest way to get a personalized starting point.
  • Threat Modeling: The wiki article on how to translate "what worries me" into "what I should actually do about it."
  • SPA Tools: Our curated shortlist of tools across every category. Once you know which pillar you're short on, SPA Tools is where to find the tools to help fix it.

If you'd rather work through this in long-form structured order, Go Incognito covers all three pillars from foundations to advanced topics.

πŸ”— Go Deeper

Related wiki articles:

Techlore content:

  • Go Incognito v2, Lesson 1.3β€”Privacy vs. Security vs. Anonymity

External sources:

Found an error? Report it here β†’