Why Mark Zuckerberg wants no privacy, why he wrote his letter, and why it won’t help him

David Chaum
xx network Blog
Published in
4 min readMar 20, 2019


According to his recent open letter on privacy, Mark Zuckerberg would have us all believe that he can combine his WhatsApp, Facebook Messenger, and Instagram platforms with “end-to-end” encryption to create the ultimate privacy-protecting platform. Truth is, he’s trying to preserve the $10–20 billion Facebook makes annually by spying on us — while fooling those mostly young people he says are moving off newsfeed to messaging into believing that end-to-end encryption means privacy.

“Metadata,” which he acknowledges Facebook will of course keep full access to, is key to this doublethink. Metadata is everything except the exact words you use — who you message, how long each message is, precisely when each message is sent — combined with all the other data Facebook captures and buys about you and your friends, including continual location monitoring.

We don’t need spies, whether government or corporate, in our “digital living rooms,” which is how Zuckerberg techsplained messaging in his letter. It doesn’t matter whether the spies can understand every word; and it’s probably even worse if they can’t and start inferring things from all the other data.

And, make no mistake, those who maintain that they themselves have nothing to hide, or that the dangers of “terrorism” are now so extreme that people should not be protected in their private informational lives — as if the most dangerous evil-doers would foolishly reveal their plans on such platforms — are themselves providing cover for the most insidious danger to our freedoms.

Fortunately, people are waking up to the reality that they have no digital privacy. Unfortunately, however, in the absence of alternatives, this fear itself can have a profound negative impact. It is what privacy advocates have been most concerned about for decades, and which I have personally observed in totalitarian regimes — what’s called the “chilling effect.”

In “Security Without Identification,” published in 1985 (years before the web), and revised in 1992 when invited to Scientific American, I predicted how the Internet would ultimately lead to a company like Facebook that would take harvesting metadata to its logical conclusion:

“Information service providers and other major interests, for example, could retain control over various information and media distribution channels while synergistically consolidating their position with sophisticated marketing techniques that rely on gathering far-reaching information about consumers. Computerization has already allowed these and other organizations to grow to unprecedented size and influence; if computerization is continued along current lines, such domination might be further increased.”

How can I now be so sure Mark Zuckerberg has not pivoted to care about privacy? After his letter appeared, I made an offer to him to test the technology that my company has developed. It has full end-to-end encryption and unprecedented protection of messaging metadata. You can never be sure why someone doesn’t respond to your offer, but this would have been a great opportunity for him to test true privacy.

Though Zuckerberg lays out a multi-year process to tweak end-to-end encryption policy, this fundamental solution already exists. Though it’s somewhat awkward to have to say so here, I was the first to propose and deploy privacy-protecting technologies such as end-to-end encrypted, metadata-protected messaging, anonymous digital currency, and vote-selling-proof online voting, among others. Right now, at my company Elixxir, we’re already running an Alpha version of a new platform on blockchain that implements breakthrough improvements in these original technologies. The platform will have full democratic user governance, making it impossible for a central authority to seize control or censor communications. The platform embodies a new, fully scalable business model.

What is the new business model? Well, instead of a centralized, one-sided model that preys on the public by extracting and exploiting the information that defines their digital lives, we’ve created a decentralized, two-sided model that generates true value — and pays for itself — by empowering decentralized applications (known as dApps) to provide services to users. Instead of things like payments, identity, and contracts being the exclusive province of mediating institutions, dApps can be authored by anyone and made securely available to users without the need for a trusted authority. And instead of nation-states or huge corporations setting policy, that’s done by the users.

Beyond the basics, dApps can unleash all manner of informational services — for instance, pseudonymous reputations, superior trading platforms, and transparent “smart” contracts that execute themselves. Instead of controlling and extracting 30% off the top from apps, Elixxir will use my new scalable, privacy-protecting currency, which I believe will prove technically second to none, to charge dApps solely for computing services. In this way we expect the platform to release a growing torrent of entrepreneurial creativity. The same currency will be the basis of our consumer payment system, seamlessly integrated with instant messaging, with all the speed and convenience of existing privacy-less platforms.

As the web turns thirty, we are at a genuine crossroads in its development. We can continue down the path of Facebook and the other tech giants, leading to a more and more surveilled yet less and less secure society — or we can choose the decentralized and democratic alternative and begin to realize the full potential of the Internet. That’s where Elixxir is headed. We aim to empower your digital sovereignty, and we invite you to join us.

Learn more about our platform by watching our new video:

Best Regards,




David Chaum
xx network Blog

Cryptography pioneer. Inventor & developer of the blind signature, mix networks, & the first anonymous digital currency. Founder/CEO @elixxir_io