Summary
Telecom, like email, wasn’t designed for privacy—so the baseline is leaky.
Privacy here means limiting what gets logged, how long it’s stored, and what it’s linked to (especially identity), and hardening what can be intercepted in transit.
REALLY: anonymous signup, no unnecessary storage, no monetization, the REALLY PrivateCore™ to keep roaming partners out, and tower-level CDRs that aren’t tied to your account, plus encrypted-calling protections and an included VPN.
The Critic’s Question
“What does ‘privacy’ actually mean in a phone network? And how is REALLY different if you still use T-Mobile’s towers?” Can’t they still tap my calls?
Why Telecom Is Inherently Flawed
Like email, telecom was designed decades ago to make connections work—not to keep your life private. That legacy shows up as:
PII collection at signup (ID, SSN, address).
Usage exhaust (call/event logs, tower associations, IP sessions).
Long retention by default.
Many hands on the data (vendors, roaming/host partners).
Even without reading content, metadata (who, when, where) maps your routines, relationships, and habits.
Where Privacy Usually Fails
B/OSS (Business/Operations Support Systems)
The “brains” for billing, provisioning, support, fraud. In most carriers, data spreads across multiple vendors, and in many MVNOs it flows straight into the host carrier’s systems.MobileCore
Authentication, policy, routing. Default logging creates detailed movement/usage footprints.Roaming/Host Partners
When the host’s OSS/BSS is used, they see subscriber data tied to activity. This includes Verizon and AT&T. And that’s how most MVNOs work too (Mint Mobile, BoostMobile, Straight Talk etc.)
How REALLY Defines Privacy Today
We flipped those defaults to reduce what exists, who sees it, and for how long:
Anonymous signup (no unnecessary PII): Start service without handing over government ID or sensitive identifiers.
No unnecessary storage: If a piece of data isn’t required to operate service or meet a legal duty, we don’t keep it.
No monetization, ever: We don’t sell or broker customer data. Our business is service, not surveillance.
Our own PrivateCore™: We run the “brains” ourselves. Roaming partners (e.g., T-Mobile) provide radio access (towers) but do not receive a mirror of identity-linked activity from us.
Tower-level CDRs exist—but not tied to you: Hosts necessarily create Call Detail Records at the tower. The difference is they cannot see which subscriber account those belong to, and we don’t warehouse those records for years.
Communications protections (high level): We add encrypted-calling protections (including anti-downgrade policies where devices support them) and ship a built-in, telco-native VPN for data sessions. (See: Encrypted Calling and VPN resources.)
Two Layers in Practice (Explicit Comparison)
A) Data Layer: identity, logs, storage, access
Big Wireless:
Collects PII at signup; centralizes identity-linked CDRs/metadata.
Stores for years; often monetizes; multiple vendors/partners touch the data.
REALLY:
Anonymous signup; no unnecessary storage; no monetization.
REALLY PrivateCore™ keep hosts out of subscriber identity.
Cell tower (RAN) CDRs disassociated from accounts; short retention, siloed.
B) Communications Layer: voice & data in transit
Big Wireless:
Standard call routing leaves downgrade points (e.g., IMSI catcher exposure); no network-level VPN for sessions.
REALLY:
Encrypted-calling protections, SIM-swap defense, and anti-downgrade policies where devices support them.
Built-in, telco-native VPN shields browsing/app traffic by default.
Clear limits: if the other party’s device is compromised, risk remains; we remove the weak links we control.
Addressing common questions
1) “Does ‘not collecting’ actually help?”
Yes. Storage precedes risk. If logs aren’t retained (or aren’t identity-linked), they can’t be leaked, sold, or demanded in bulk.
2) “Isn’t most of this public anyway?”
No. Your contact graph, timing, and location patterns are not public. They reveal sensitive life details even without message content.
3) “What would a hacker find if they broke in?”
At most carriers: large, identity-linked, long-retained datasets which is often enough to launch well informed and comprehensive spear phishing and/or identity theft campaigns
At REALLY: minimal, purpose-bound records; tower events not tied to your account; siloed systems—less to connect, sell, or misuse.
4) “What do authorities see?”
We comply with valid, targeted legal requests. Because we avoid long-term, identity-linked archives, the scope of what exists to hand over is naturally limited. We support case-by-case investigations, not dragnets. We don’t collect any personal information when you sign up, and we store minimal data for operations and billing. What we do have is locked down on our own servers, not in the cloud by a third party vulnerable to hackers or accessible by governments, and never linked to any personally identifiable information (since we don’t collect it). Can your phone still be tapped legally? Of course. But it's not easy like it would be on Verizon, AT&T or any other carrier, and with our setup authorities need to follow due process.
5) “What are CDRs? What’s RADIUS?”
CDR (Call Detail Record): Metadata about an event (time, duration, tower/cell, technical identifiers). Not call content, but the patterns can be revealing.
RADIUS: A common authentication/accounting protocol. Many carriers log it extensively; we minimize and silo such records instead of centralizing them.
Working Toward a Better Future
We’re the first to admit that telecom, as an industry, has deep flaws. Some are structural, like how calls and metadata are routed.
But here’s our approach:
Raise the baseline today: With data minimization, preventing monetization, and blocking partner access.
Push the architecture forward tomorrow: With decentralized wireless (DeWi), community-powered coverage, and quantum-resistant cryptographic protocols and other quantum related communications advances.
Think of it like email: today we can use encrypted mail providers to get better privacy, but the protocol itself was never designed for security. That’s why the future of communication will look very different. We’re building toward that future in telecom.
Wrap-Up
Telecom wasn’t built for privacy, but carriers still make choices. Ours are simple: anonymous signup, no unnecessary storage, no monetization, keep hosts out of subscriber identity, and don’t let tower logs become a dossier—plus stronger protections for calls and sessions.
Same towers. Different outcome.
Telecom baseline is flawed.
Big Wireless: collect PII, store extensively, monetize, and expose data to partners.
REALLY: PrivateCore™ includes anonymous signup, no unnecessary storage, no monetization, roaming partners blocked from subscriber personal information data, tower-level CDRs disassociated and not warehoused, plus encrypted-calling protections and a built-in VPN, all enforced by our own B/OSS + core and strict governance.
Sources: CALEA (lawful intercept framework), FCC CPNI rules & certification guidance, ISO/IEC 27701, SOC 2 Trust Services Criteria, NIST SP 800-53 (AU/AC families) for logging & access governance.
Join the only carrier that makes privacy non-negotiable.
