Rebecca Williams

Burner Phone 101

Rebecca Williams
Rebecca Williams
Burner Phone 101
A handmade flyer to support the analog/anonymous themes of the Burner Phone 101 event.

Hosted by the Brooklyn Public Library, this Burner Phone 101 workshop introduced participants to phone-related risk modeling, privacy-protective smartphone practices, the full spectrum of burner phone options, and when to leave phones behind entirely.

BURNER PHONE 101
Burner Phone 101 Workshop Presentation BPL RW 8.16.25
BurnerPhone101.pdf
18 MB
download-circle

In August 2025, I hosted a Burner Phone 101 Workshop at the Brooklyn Public Library. Below is a summary of the workshop with key points in bold and additional resources that participants helped crowdsource.

Secret Goals

Before the workshop began, we set the collective tone by sharing the goals, secret goals, and anti-goals. This helped participants know what to expect, created space for deeper learning, and reinforced the boundaries that kept the workshop safe and supportive. The goals were to learn about burner phones and have fun. The secret goals were to learn the limits of burner phones, connect them to broader digital privacy practices, and build confidence to share these lessons with loved ones. The anti-goals were just as important: do not share sensitive personal information and avoid framing these tools in ways that promote harm, harassment, or abuse.

Know Your Risks

Many people carry a general sense of feeling unsafe, but it can be hard to name the specific fears or what those fears would affectuate if realized. That is why we framed risk modeling as the foundation for using a burner phone, built on three core questions:

  • What are you trying to protect?
  • Who are you protecting it from?
  • What happens if it fails?

Without this clarity, it is easy to end up applying a laundry list of privacy best practices that do not fit your needs and to miss the protections that actually matter. We applied the framework to four scenarios: attending a protest, being present at an ICE raid, facing harassment, and even protecting yourself from yourself in cases like phone addiction (which is also valid). We emphasized the need to work backwards from what you are protecting and from whom, and we also stressed considering the risks to others in your network, not only your own.

Smartphones

Next, we discussed why your smartphone is risky and how you can improve it today, even without a burner phone. We covered how device IDs — the IMSI tied to your SIM and cell tower access, and the IMEI tied to your hardware — make true phone anonymity nearly impossible. We also outlined four broad categories of data your phone collects and how each can be exposed

  • Identity & finance: payments, contracts, phone numbers, and digital IDs.
  • Location & movement: GPS, Wi-Fi, Bluetooth, cell towers, and sensors, exposed by spyware, stalkerware, tower dumps, and data brokers.
  • Communications & social graph: calls, texts, and contacts, exposed through spyware, stalkerware, and forensic tools.
  • Content & storage: accounts, apps, photos, backups, and local files, exposed by spyware, forensic tools like Cellebrite and GrayKey, and cloud subpoenas.

Privacy Tips for All Phones:

  1. Keep device & OS as updated as possible
  2. Strong PIN, not biometrics
  3. Disable cloud backups / use encrypted backups
  4. Install Signal
  5. Enforce strict app permissions (deny mic, camera, location) unless needed
  6. Radios off (GPS/Wi-Fi/Bluetooth) unless needed
  7. Store minimal sensitive data (including photos)

For Android specifically: Disable Google Location History & ad personalization, use Firefox or Brave instead of Chrome, restrict Gemini / Google Assistant, consider F-Droid for trusted apps, consider GrapheneOS or CalyxOS.

For iPhones specifically: Enable Ask App Not to Track, restrict Siri & Apple Intelligence, erase after 10 failed passcode attempts, use Lockdown Mode (iOS 16+) if high-risk.

During the discussion, we clarified that SIM cards do not store photos or emails, though they may hold a small number of contacts or text logs depending on carrier settings. We also explained that a fully powered-down phone should not be transmitting data to towers, but its absence of activity can itself raise suspicion by inference. Voiceprints also came up: your voice can be used as a biometric identifier, and while apps may slightly alter audio, your vocal patterns remain a relatively unique marker. Participants also asked about carriers, encryption, and evidence. We reviewed carrier data retention schedules, noted that data brokers track which carrier your number is currently using, and discussed the limits of Fourth Amendment and warrant protections.

Burner Phones

From there, we moved into the “off the grid” options and mapped out a taxonomy of what people mean by a burner phone. We talked through four main categories:

  • Prepaid or repurposed phones: Cheap and flexible, but still tower-tracked and vulnerable to forensic phone breaking. Some can support Signal.
  • SIM rotation: Rotating SIMs manually or using PGPP eSIMs changes your IMSI, though your IMEI stays constant.
  • Minimal or dumb phones: Fewer apps, but limited functionality and no encryption. Staying off social more is still a win.
  • Device disguises: Tools like VoIP numbers, VPNs, or hotspots can obscure identifiers but still leave metadata trails.

Each of these offers some protection, though none guarantees anonymity.

Universal Burner Phone Set Up:

  1. Buy phone & service in cash
  2. Do not share your email, phone number, or ID with carriers or clerks when activating service
  3. Set up with public Wi-Fi
  4. No personal accounts, no contact imports, no being yourself on the device
  5. Do tips 1–7 for all devices above, but minimize radios/app permissions/photos as much as possible (or you may compromise your burner)
  6. Rotate your SIM (physical or with PGPP; carrier eSIM changes leave a trail)
  7. Treat as disposable

Throughout the discussion, I emphasized three key lessons: IMSI and IMEI still make true anonymity difficult, every option provides some protection if matched to the right risks, and how you set up and use the phone matters as much as buying it. And the best burner is no phone at all. We had participants pass out free burner phones courtesy of Jose Briones, showcase various phones they used to compartmentalize their lives, and chat through setups that have worked and not worked for them.

5. No Phone

Finally, we covered when no phone can be the strongest option since burners are not foolproof.

When to Go No Phone:

  • Where location tracking could become evidence
  • Where confiscation risk is high
  • When you don't want an association trail

You can practice this with analog tools. Use a paper or saved photo map and keep contacts written down. You can also set preset meeting points, rely on Wi-Fi devices like a tablet, or share community phones sparingly. We discussed a spectrum of protections when you need to limit exposure. Faraday bags provide the lowest level, blocking signals temporarily but offering no defense once the phone is removed. Airplane mode reduces some transmissions but does not disable everything. Fully powering down your phone offers stronger protection, since a shut down device should not communicate with towers. At airports and border crossings, another key strategy is to minimize what is on your device in the first place. Removing social media apps, old texts, photos, and other sensitive content lowers the risk if your phone is searched or confiscated, since less will be available to access.

6. Q&A and Live Setup

We closed with a Q&A and live setup session, where participants could try out the guidance directly by testing prepaid setups, adjusting smartphone privacy settings, and comparing strategies with one another. The final lesson was that this work is collective: what can we still learn from each other?

You can check out the full presentation here. If you have suggestions to improve this guide, shoot me an email; it's for all of us.

#Archive #Teaching
You might also like
Writing public

Digital ID Resistance Resources

Rebecca Williams
Published by the Surveillance Resistance Lab, these resources include a live state-by-state status tracker, actionable organizing strategies, and a rights-based framework outlining key demands to resist digital ID systems.
Writing public

How Congress Can Delete DOGE

Rebecca Williams
Published in Tech Policy Press, this piece explains how budget loopholes and cybersecurity authorities enabled the rise of DOGE’s parent agency, the U.S. Digital Service. It outlines how Congress could defund DOGE to reclaim oversight.
Great! Next, complete checkout for full access to Rebecca Williams
Welcome back! You've successfully signed in
You've successfully subscribed to Rebecca Williams
Success! Your account is fully activated, you now have access to all content
Success! Your billing info has been updated
Your billing was not updated