Get the App 100% anonymous, no signup or email required
Guide EU Chat Control: what it means and what to do Read →
← Back to Guides

A public privacy resource

Chat Control, Your Phone Number, and Getting Online Without an Identity

Last verified 10 July 2026 14 min read CC BY-SA 4.0

We sell anonymous eSIMs, so treat this as an interested party writing. We have tried to make it worth reading anyway: sourced, dated, honest about what an anonymous SIM does not do, and honest about what we ourselves can see. There is no signup wall and no sales pitch in the body. If any claim here is wrong, tell us and we will fix it in public.

Want the practical version? This page explains what is happening and what we can see. If you just want the concrete steps, which apps to switch to and what to set up this weekend, read the companion guide.
How to actually escape Chat Control →

The short version

  • What passed on 9 July 2026 is a voluntary scanning rule, extended to April 2028. It does not mandate scanning and does not break encryption. The broader mandatory proposal ("Chat Control 2.0") has not passed.
  • The real direction of travel is attaching your legal identity to your accounts and communications (age checks by ID or face scan). Your phone number is the anchor that ties that identity to everything else.
  • An anonymous number breaks the link between your identity and your connectivity. It does not stop on-device scanning, and it does not hide you from the carrier network.
  • We can see a payment identifier and a pseudonymous key. No required email, no name, no raw IP. The field-by-field list is below.

1. What "Chat Control" actually is

"Chat Control" is the nickname for a set of EU proposals aimed at detecting child sexual abuse material (CSAM) in private online communications. The nickname covers two very different things, and most of the panic online comes from confusing them. Getting the distinction right matters, because if you act on a false version of the threat you will protect the wrong thing.

The thing that just happened (9 July 2026)

On 9 July 2026, the European Parliament failed to block the extension of the temporary "ePrivacy derogation" (Regulation (EU) 2021/1232). This is the rule that lets platforms like Gmail, Meta, and Snap voluntarily scan for already-known illegal images. The vote was 314 MEPs to scrap it against 276 to keep it, but blocking required an absolute majority of 360, so the rule survives. It now runs until 3 April 2028.

Read that carefully, because the headlines did not. This extension is voluntary. It does not force any provider to scan. It does not require breaking end-to-end encryption. It does not give governments direct access to your messages. It is narrow, and it is the less alarming of the two things called Chat Control.

The thing that has NOT happened (the CSAR / "Chat Control 2.0")

The proposal people are actually afraid of is the permanent Child Sexual Abuse Regulation, COM(2022)209, in negotiation since 2022. At its most aggressive it would have mandated client-side scanning: software on your own device inspecting your messages before they are encrypted. That is the version security researchers call a backdoor, because a scanner that can read your messages before encryption defeats the point of encryption entirely.

As of this writing, the mandatory client-side-scanning version has been dropped from the current draft, and the "final" trilogue negotiation on 29 June 2026 ended without agreement. It is not law. What remains on the table, and what we think you should actually watch, is quieter and more durable:

  • Age verification obligations broad enough that opening an ordinary account could require showing government ID or having your face scanned, and these can reach even encrypted services.
  • Risk-mitigation duties written loosely enough that regulators can pressure encrypted services to change how they work.
  • Detection orders using hash-matching on unencrypted platforms.

The point most coverage misses

The center of gravity has quietly shifted from "scan the messages" to "verify the identity behind the account." Age checks, ID uploads, and face scans do not read your messages. They do something arguably more permanent: they bolt your legal identity onto your online presence. And the simplest bolt is your phone number.

What an anonymous SIM does not do. We will keep saying this because it is the honest part. None of the above is stopped by the SIM you use. If the law that worries you is on-device scanning, your defense is your device and your messaging app, not your number. An anonymous eSIM addresses a different problem: the number itself being used to identify you.

2. The number is the identifier

Almost every system that wants to know who you are asks for a phone number. Not because it needs to call you, but because a phone number is a rare thing: a globally unique, hard-to-rotate, government-registrable identifier that most people carry for years and reuse across hundreds of services. It is the quiet key that links your accounts to each other and to you.

Why the number is such a strong anchor

  • SIM registration. In a growing number of countries you must show government ID to activate a SIM. That turns the number into a direct pointer to your legal identity, held by the carrier and available to anyone who can compel the carrier.
  • It is a cross-service join key. The same number used for your bank, your messenger, and a shopping site lets those datasets be joined together, by data brokers or by anyone who subpoenas them.
  • IMSI and IMEI. Your SIM has an IMSI (the subscriber identity) and your phone has an IMEI (the device identity). The network sees both. Together they identify the SIM and the handset independent of any name, which is how a device stays trackable even after you swap SIMs.
  • SS7 and the signaling network. The decades-old signaling system that connects carriers has well-documented weaknesses that can be abused to locate a phone or intercept SMS. A number is enough of a handle to be targeted this way.
  • SIM-swap. Because so much "security" (password resets, two-factor codes) is pinned to a number, taking over that number, by tricking a carrier, takes over the accounts behind it.

Where PikaSim numbers help, plainly stated

Our data eSIMs and receive-only / carrier numbers are not tied to your identity through us: we do not run a KYC check, do not require an email, and do not hold a name. That breaks the "number → your legal identity" link on our side and gives you a number you can hand to a service without handing over yourself. It is genuinely useful for de-linking accounts from your real identity, and for age-gates and sign-ups that just want a working number.

Where it does not help: it is not a burner for evading a lawful investigation, it does not hide your device from the network (see the carrier note below), and it does not defeat on-device scanning. If someone promises you a SIM that does all that, they are lying to you.

The carrier layer, which no SIM seller can remove

Be clear-eyed about the network. The moment any eSIM is active, the mobile network it roams on sees your device's IMEI, the SIM's IMSI, the towers you connect to (which is approximate location), and traffic metadata. That is intrinsic to how cellular networks function, and no reseller, us included, can switch it off. What an anonymous eSIM changes is the identity attached to that record: the network sees a SIM profile bought with no name, not a registered subscriber. That is a real privacy gain, and it is also the honest ceiling of what a SIM can do.

3. Paying without a trail

How you pay is often the weakest link in an otherwise anonymous purchase, because payment is where a real name is easiest to attach. Here is what each method we accept actually leaks, written from the merchant side, which is a view most guides do not have. "We see" means what lands in our database. "Third party sees" means what the payment network or processor sees, which we do not control.

Method What we see What the third party sees Privacy
Monero (XMR) An invoice and a settled amount. No usable address linkage. The Monero protocol hides amounts and addresses. There is no public trail to read. Strongest
Lightning (BTC-LN) An invoice and amount. No on-chain address recorded. Lightning payments are not written to the public blockchain. Routing nodes see fragments, not the whole. Strong
On-chain Bitcoin (BTC) Invoice, amount, and for recovery we store the destination address and transaction hash. The Bitcoin blockchain is a permanent public ledger. The payment is linkable on-chain forever, even though we hold no identity. Moderate
Card (Stripe) A Stripe session ID and the amount. We do not receive or store your card number. Stripe and your bank see your name, card, and that you paid PikaSim. This is the one method that carries your real identity. Weakest

Two honest caveats. First, if you pay with an altcoin through our anonymizing swap, the coin is converted to Monero or Bitcoin before it reaches us, so what we store is the swapped leg, not your original coin. Second, on-chain Bitcoin is often described as anonymous; it is better described as pseudonymous and permanent. If unlinkability matters most to you, choose Monero or Lightning.

4. What we can see

This is the section almost no one who sells this stuff writes, so it is the one worth reading closely. Below is what PikaSim actually holds, by system, taken from our own data models rather than our marketing. The general rule: every record links to a payment identifier and a pseudonymous key, and to no required identity. Where we are unsure or a nuance exists, we say so.

Step What we store What we do NOT store Kept for
Your eSIM order A payment ID (Stripe session or BTCPay invoice), the package bought, the eSIM's own technical data (ICCID, activation QR), and a random device ID if you used the app. No name, no required email, no IP, no billing address. Retained (order record)
Card payment A Stripe session ID and the amount. We never receive or store your card number. We do not request billing address or phone. Retained (order record)
Crypto payment The invoice, amount, which rail paid, and for on-chain Bitcoin the destination address and transaction hash (needed to recover a lost eSIM). No identity. Email is optional and only stored if you type one in. Retained (order record)
The wholesaler call We send our upstream network partner only a package code and an opaque internal transaction ID. We forward zero customer information. The upstream never learns who you are from us. n/a (nothing personal sent)
Support ticket / chat Your messages, an optional email only if you provide one, a device ID, and a salted one-way hash of your IP plus a coarse "/24" label, used only to catch abuse and duplicates. No raw IP address. The hash is not reversible back to your IP. Retained (to learn from past cases)
Website analytics Aggregate, cookie-less analytics on our own self-hosted server (Plausible). No third-party trackers, no Google/Meta pixels, no cross-site profile. The only external asset is a flag-image CDN. 90 days, then auto-deleted

What this means if we are ever compelled

We respond to valid legal process, like any company. The point is what we can produce, which is only what we hold: a payment identifier and a pseudonymous key. We cannot hand over a name, an email, or a raw IP for a purchase, because we do not have them. For a crypto purchase there is no payment identity to give at all. This is why data minimization beats a policy promise: the strongest protection is not collecting the data in the first place. Our standing commitments are on our warrant canary, and how we run the infrastructure is on our privacy infrastructure page.

On honesty about retention: we do not auto-delete order records or support history, and we will not claim we do. What makes that acceptable is that those records contain no required identity to begin with. Transient technical data used to measure a purchase (a temporary IP and user-agent) is cleared right after the measurement, and analytics roll off after 90 days.

5. Beyond the number

If you have read this far, you probably care about more than a SIM, and we would rather point you to good sources than pretend a number solves everything. An anonymous eSIM is one layer. For most threat models it is not the most important one. In rough order of impact for message privacy:

  • Your device and messaging app matter more than your SIM for message content. A private messenger on a hardened phone does more than any number. Start with Privacy Guides and, for hardware, GrapheneOS.
  • The politics of Chat Control is worth following at the source rather than through headlines. Patrick Breyer's tracker is the most complete running account, and campaign groups such as exitchatcontrol.org organize the public response.
  • A better threat model beats any single tool. Decide who you are actually protecting against before buying anything, including from us.

FAQ

Did the EU just ban encryption / start scanning all my messages?

No. On 9 July 2026 the European Parliament failed to block the extension of a temporary, voluntary rule that lets platforms scan for known illegal images if they choose to. It runs until 3 April 2028. It does not mandate scanning and does not break end-to-end encryption. The far broader "Chat Control 2.0" (the CSAR regulation) that could require scanning and identity checks is still being negotiated and has not passed. Anyone telling you your encrypted chats are now scanned by law is wrong.

Does an anonymous SIM protect me from client-side scanning?

No, and we will not pretend otherwise. Client-side scanning happens on your device, inside your messaging app, before anything is encrypted or sent. A SIM card operates at a completely different layer. An anonymous number changes who your phone number is tied to; it does nothing to what your phone is doing on-device. If client-side scanning is your threat, the answer is your choice of device and app, not your SIM.

What can PikaSim actually see about me?

A payment identifier and a pseudonymous key. For crypto that is a BTCPay invoice and, for on-chain Bitcoin, the destination address and transaction hash. For card payments it is a Stripe session ID. The pseudonymous key is either a random device ID your app generated or, on support tickets, a salted one-way hash of your IP that we cannot reverse. We do not require an email, we do not store your name, and we do not keep a raw IP address for a purchase. See the full field-by-field breakdown below.

What does the carrier see once my eSIM is installed?

This is the honest limit of what any SIM seller can offer. Once an eSIM is active, the mobile network it runs on sees the normal things a network sees: your device identifier (IMEI), the SIM identity (IMSI), which cell towers you connect to, and traffic metadata. That happens at the network layer and no reseller controls it. What an anonymous eSIM removes is the link between that network record and your legal identity: the carrier sees a SIM profile, not a named account.

Which payment method is the most private?

Monero, then Lightning, then on-chain Bitcoin, then card, in that order. Monero hides amounts and addresses on the protocol itself. Lightning payments are not written to a public ledger. On-chain Bitcoin is a permanent public ledger, so although we hold no identity, the payment is linkable on-chain. A card payment means Stripe sees your name and card. We explain exactly what each one leaks below.

Do I even need this?

Often, no. Most people worried about surveillance are better served by a better threat model than by an anonymous SIM: a private messenger, a hardened phone, and good habits do more for message privacy than any number. We would rather tell you that than sell you something you do not need. An anonymous number matters when your phone number itself is the thing being used to identify, locate, or link you.

Sources

Every dated claim above traces to one of these. Last verified 10 July 2026.

  1. European Parliament vote of 9 July 2026 on extending the ePrivacy derogation, and vote counts (314 / 276 / 360). The Register, 9 July 2026.
  2. Regulation (EU) 2021/1232 (the interim "ePrivacy derogation") and the CSAR proposal COM(2022)209, status and history. Patrick Breyer, "Chat Control".
  3. What PikaSim stores, by system: taken from our own data models. Independently checkable against our Privacy Policy and warrant canary.

Corrections welcome. This page is maintained in the open. If a fact is wrong or out of date, open an issue or a pull request and we will fix it publicly, with a visible corrections log. Repo: github.com/codebruinc/pikasim-privacy-guide.

Licensed CC BY-SA 4.0. Fork it, translate it, republish it, just keep the attribution and the same license.

Published by PikaSim, which sells anonymous eSIMs. That is the one product link on this page, and it is in the footer on purpose.

Help