DeletedUser84

Governments, especially anti-freedom ones like Australia, really don't like monetary anonymity.

A credit card not tied to an identity is the very definition of that.

If you want a CC that can't feasibly be tied to your identity and are unwilling to violate the law then you are looking at a complicated chaining of legal entities across multiple selected jurisdictions.

It is expensive and doing it right will cost you tens of thousands of USD in initial setup fees and thousands more each year in maintenance fees.

Or you find some homeless guy with a government issue ID who is willing to be your front man for a hundred bucks and hope he doesn't tell the government about the arrangement.

Because if the government knows the ID or CC that was used then they can search for all SIMs linked to that ID/CC and mark any that can't be explained for detailed investigation. Note that doing this is likely a crime, consult an Australian legal professional for a detailed analysis.

You may also be able to get a physical prepaid SIM card at the airport. Or convince a tourist to let you use their identity for one. Some dude flying back to Brazil and unlikely to ever come back to Australia may well be willing to use their passport to buy you a reloadable prepaid SIM. Just wait a few months to start using it.

      Would there be a privacy benefit of me using a KYC Data-Only SIM, and then just using VoIP numbers for normal communication on occasion? I barely use calls/SMS and mainly use Signal with VPN always on anyways.

      I've seen someone else on the forum running this setup, and they're from Australia too. I guess one of the benefits would be calls/texts are not attached with location information, because they're done over a VPN. And I wouldn't be giving out my primary number attached on the SIM card, so technically, it would be unknown (to all companies apart from the provider itself and probably government).

      Anyone got any opinions on this setup?

      DeletedUser84 I'm not an expert but this is a topic that interests me so I've been trying to learn as much as I can about it.

      There's a good section in "Practical GrapheneOS for the paranoid" on cellular privacy, which has some footnotes referencing posts by the official GrapheneOS Twitter account.

      Even if you buy the phone and SIM with cash and no KYC, the best you get is a persistent pseudonym. Over time, unless you are extremely cautious and in particular unless you avoid having the phone connected to the cell network anywhere near your home, the government/police/cell companies/anyone they sell their data to will be able to infer that the phone almost certainly belongs to you.

      The cell network will know your location pretty precisely at any time you are connected to it. I've seen different figures quoted for this, but in urban areas I think easily to within a few hundred metres. 4G might be slightly less precise than 5G - again, I have seen conflicting opinions. So if you're always connected and using a KYC SIM, this means the cell network is trivially building up a location track for you at all times. If you're always connected but using a no-KYC SIM/phone it is not hard to do the same but it requires a modest bit of data analysis to label the track with your real identity, and if you're just some random guy I don't know if anyone is going to do this analysis routinely.

      If you haven't already seen it you may want to check out The Hated One's video on not using a SIM card.

      If you are concerned about your location being tracked and can afford not to be in contact 24/7, you can try keeping your phone in airplane mode most of the time, using wifi where available and just turning on the cell radio when you really need to be contacted/get in contact. By limiting the time the cell radio is on, you reduce the amount of location tracking data available to third parties - if you're just trying to be more private, it might not matter to reveal it intermittently. In urban areas, you may be surprised how often wifi is available - you could extend this by occasionally patronising businesses with customer wifi in areas you frequent, which means you can trivially use their wifi from the street as you pass (and may even be able to get notifications about incoming messages or missed calls just as you walk past). Businesses with "normal" wifi that has a password they give out to customers is best - those with open wifi which makes you navigate through a web-based portal to get internet access are much less useful for this kind of casual, brief walk-by access.

      There is definitely some privacy benefit to only using mobile data and avoiding calls/SMS, whether or not your SIM/phone are KYCed. Calls/SMS are not encrypted so the contents are likely to be routinely monitored. The metadata is not protected either so it's easy to build up a pattern of who you contact and when. If you're using VoIP to interact with people using "normal" phones, there might not be much advantage because you are still interacting with the regular phone network, but it's unlikely to be any worse. If you and the person you are contacting are both using VoIP there may be some increase in privacy, although you're trusting the VoIP operators for this.

      If you use something like Signal your calls/messages and associated metadata are likely to be kept private. Yes, "they" could compromise the devices used by your contacts, but if you're just a random guy who wants some privacy, this is unlikely. So this is the best option, and is completely compatible with using a KYC SIM for data only, but I appreciate you may need the convenience of having access to the normal phone network.

      Skype offers the ability to make calls to normal numbers over a data connection at a pretty decent per-minute rate - it isn't particularly private, but if this is enough for you it may save you money on VoIP services. (Maybe you can nearly get by with just Signal and this would fill in the gaps.) You can also rent a phone number through Skype for receiving calls, but I don't know how affordable or reliable this is.

      It's important to bear in mind who you are trying to be private from and why. I know I often succumb to the temptation to think of a unified "they" who are constantly snooping on me. If motivated attackers are after you specifically, it is hard. But even if it might be nice to be a ghost, if what you really want is just to reduce the amount of data being built on you so you can be advertised to and generally influenced, every little helps and perfection is not needed.

        PS (the edit timeout expired) It may help a bit to keep the phone number (if any) of your KYC-ed SIM confidential. If you don't plan to use the call/SMS features of your SIM, no one needs to be given the number. The cell network etc unavoidably know it, but if you avoid giving it out to anyone else, that reduces the chances of them being able to use it against you. While it may be dated in many respects, you might like to read JJ Luna's "How to be invisible" for some insights. Your phone number can be used in social engineering attacks, for example, so keeping it confidential adds an extra hurdle the attacker has to jump over if they don't have privileged access to the KYC-ed data.

          sr967 Thank you so much for your long and detailed response. It really helps me understand more of this and I can see clearly that you're quite knowledgeable of this stuff.

          I'm thinking of opting for a KYC data only sim for mobile data and then using VoIP numbers for phone calls. But because I don't really use phone calls/sms, and instead use Signal, those VoIP numbers will barely get used anyway.

          This is a question I have, even after reading Michael Bazzell's privacy guides.

          Would it be better to just get a mobile data KYC SIM that has no phone number attached, or to just get a normal KYC SIM that has a phone number on there but never use that or share that phone number with anyone?
          Thank you so much.

              DeletedUser84 Thanks for your kind words!

              I think all SIMs have a phone number anyway, even if it doesn't actually work in the traditional sense. The silent.link data only SIMs do - it is mentioned in their FAQ - and I've seen 5G data only SIMs used in 5G home routers with numbers too. There's also this admittedly rather old stackexchange post saying the same.

              It probably makes little difference in practice if you don't plan to give the number out anyway.

              If you can get a better price on a SIM with calls+text+data and just not use the calls+text compared to specifically buying a data-only SIM, that is probably just as good from a privacy point of view and obviously a win financially. Depending on your precise threat model, having a SIM capable of calls+text as well just might come in handy in some kind of emergency (I need to call X right now and mobile data isn't working), even if you plan never to use it.

              (The "practical guide for the paranoid" I linked to does say there may be a reduction in attack surface from not having calls or texts, but that it doesn't particularly matter otherwise.)

                  sr967 Thanks again for your response, I really appreciate it.

                  Here in Australia, at least with the carrier I'm interested in, the data only SIM is actually cheaper and offers more data compared to a regular SIM with data, calls and SMS.

                  So I'll think I'll go with the data only KYC SIM, thanks again for your help and guidance. And if you have anything else to share, feel free to because I'd love to learn more.

                    To the topic of credit/debit cards and how to get them anonimously:

                    In some jurisdictions, it is still possible for a company to provide these cards to you WITHOUT knowing anything about who you are IF the card have a restriction, that it can not by used for cash withdraw and money transfer. (You can use it to buy something, but not to deposit money to a bank or withdraw cash.)

                    Some companies decided to use that opportunity to provide no-kyc cards that you can top up with bitcoin (or other cryptocurencies) and buy something online.

                    Great example of that is paywithmoon.com.

                    So if the Currier (or some other merchant) do not need the card to by from Australia, it may be worth it to try.

                    And if the the Australian curriers do not accepts cards from outside Australia, or if it turns out that ID is required no mether how you pay, you can use the same card to buy data-only esim for tourists.

                    Thare is a lot of services that sell you data esim and do not need the ID. Some are privacy oriented and take crypto. (Like silent.link that was mentioned before.) Some are just ment for tourists. (People who travel to Australia for short Holliday's do not want to upload ID to random Currier's website just to get short therm data plan)

                    Good repository of tourist orriented esim's is esimdb.com. Almost non of them need the ID. But they do not accepts crypto, so the no-kyc card is a prerequisite of paying for their service anonymously.

                    Blastoidea It depends of from what you are hiding.
                    If you are hiding from targeted investigation, yes, you probably file eventually.

                    If you just want to ensure that mass surface have hard time knowing what you are duing all day and whare you are all the time, then that is possible unless they decided to dedicated a resources to specifically track YOU (not just collect data on population in general) .

                        DeletedUser84 I still use the given SIM numbers (I have two; one for personal one for professional; my Pixel is dual-SIM. I also maintain a personal Signal and professional Molly, per MB's approach). I haven't yet gone the route of VoIP numbers with a data-only SIM. I've found trying to get my head around how to set that up to be a bit too complex. But, if there is someone who has done it here in Oz, then I might look at that again in the new year. I'd try to port my existing numbers to VoIP, as I do not want to lose them.

                            LunaticBuzz yeah I'm planning to just use VoIP numbers, and a data-only SIM. I have found 2 great providers for this. You can port your numbers no problem.

                            The Sipnetic app also just for VoIP calls/SMS is excellent, I really like it. If you need any help with this, I am familiar with setting up everything, it's quite simple.

                              petrnovak thanks heaps for your suggestions.

                              I have tried to use pre-paid cards to pay anonymously, but carriers don't accept them more unfortunately. I think they've smart-end up.

                              Regarding Silent Link, in my original post, I talk about how I generally don't trust them and how they're a bit suspicious. So I think I'll stay away from them. But thanks for that anyways.

                              I feel like in a country where there's KYC for Sims and whatnot it's probably best not to try and get a SIM, and provide a fake name because if they scan that name and it comes out that there's no person that exists with that name, then you will probably be very closely watched and maybe even targeted or attacked, or something like that.

                              With a no KYC roaming sim, you come across as less suspicious depending on the number attached to the sim, but if you're staying there for a long while EG; a couple of years, then you come across as suspicious because what tourist is holidaying in the same area for years on end.

                              And with what Sr967 said earlier, You can be deanonymized very quickly, even without using your real name attached to the sim. And then you can come across as a lot more suspicious as well.

                              What I found during my privacy journey is that you don't want to stand out in the crowd, you want to blend in, so a lot of these different ways to get a sim can actually make you stand out more and reduce your ability to blend in with the crowd.

                              I appreciate your input!

                                JollyRancher

                                Haha... I'm not an Aussie, but have spent a lot of time there. A few years ago I watched a friend buy an activated pre-paid SIM from a youth who'd used up all the credit and was just using the phone as a music player. It cost him $200. Once he had the SIM, number and account all he had to do was pick the plan he wanted and buy some credit.

                                My SIM is one of tens of thousands of company SIMs and is not associated with me directly. Same for my credit cards.