Every one of those goals sounds good on paper. Nobody likes robocalls. Nobody wants kids exploited online. Nobody wants scam farms running wild.<\/p>\n
But the solution governments and platforms keep reaching for is the same every time:<\/p>\n
Show ID before you communicate.<\/p>\n
That is the line. Once you see it, you can\u2019t unsee it.<\/p>\n
We already covered the FCC side of this in detail here: https:\/\/thethriftydev.com\/blog\/fcc-wants-your-id-to-activate-a-phone-privacy-is-dead\/<\/a><\/p>\n The short version: the FCC is exploring stronger \u201cKnow Your Customer\u201d rules for voice providers. In plain English, that means phone companies may be pushed to collect and verify identity information before activating service.<\/p>\n And at the same time, governments in the U.S. and abroad are pushing age verification and identity checks for social media access.<\/p>\n Phones. Social media. Messaging. Online speech.<\/p>\n The walls are moving inward.<\/p>\n So this post is not just another rant about privacy. This is a practical migration guide.<\/p>\n If Facebook<\/a>, X<\/a>, Instagram, TikTok, or your cell provider starts demanding more identity than you are willing to hand over, you need somewhere else to go.<\/p>\n That somewhere is decentralized social media.<\/p>\n And for most regular people, the best place to start is Nostr.<\/p>\n Let\u2019s separate facts from panic.<\/p>\n Important caveat up front: the FCC has not finalized a universal \u201cshow ID for every phone\u201d rule yet. What it has done is move forward with a Further Notice of Proposed Rulemaking called FCC 26-27.<\/p>\n That matters because this is the stage where the agency is asking what the final rule should look like.<\/p>\n And what they are asking about should make every privacy-minded person sit up straight.<\/p>\n The FCC is seeking comment on requiring originating voice providers to collect and retain identity information from new and renewing customers before granting access to service.<\/p>\n That information may include:<\/p>\n For higher-volume customers, the FCC is also asking about collecting intended use of service and IP addresses.<\/p>\n It also asks about prepaid service, postpaid service, third-party prepaid SIM cards, bulk SIM activation, re-verification, suspicious activity triggers, and retaining customer identity records for four years after the relationship ends.<\/p>\n Again: this is being framed as an anti-robocall measure.<\/p>\n But the result could be a world where anonymous or semi-anonymous phone access becomes much harder, especially for prepaid phones and VoIP.<\/p>\n That hits the exact people who often need private communication the most:<\/p>\n Now put that next to what is happening with social media.<\/p>\n Governments are pushing age verification and ID-based access rules for online platforms. Some are aimed at adult content. Some target social media. Some require parental consent. Some require platforms to verify age or block minors.<\/p>\n The details vary by jurisdiction, but the pattern is the same:<\/p>\n Before you can speak, read, post, follow, organize, or participate, some gatekeeper must decide whether your identity is acceptable.<\/p>\n That is a dangerous direction.<\/p>\n This is where people need to understand something basic:<\/p>\n Anonymous speech is not some weird internet loophole.<\/p>\n Anonymous speech is part of the American tradition.<\/p>\n The Federalist Papers were written under pseudonyms. Political pamphlets were often anonymous. People have always needed the ability to speak without attaching their legal name to every unpopular idea.<\/p>\n The Electronic Frontier Foundation<\/a> puts it plainly: the Supreme Court has repeatedly recognized that anonymous speech is protected by the First Amendment. EFF<\/a> also notes that secure anonymity can be life-saving for whistleblowers, human rights workers, domestic violence survivors, and people facing retaliation.<\/p>\n That is the key point.<\/p>\n Privacy is not just about hiding bad behavior.<\/p>\n Privacy is what lets good people act before powerful people can punish them.<\/p>\n Mandatory ID systems create at least four major constitutional and civil-liberties problems.<\/p>\n If people have to show government ID before accessing social media, many will not speak at all.<\/p>\n Not because they are criminals.<\/p>\n Because they are afraid.<\/p>\n Afraid of employers. Afraid of abusive partners. Afraid of mobs. Afraid of government lists. Afraid of leaks. Afraid of being punished later when political winds change.<\/p>\n A right you are afraid to use is a right being chilled.<\/p>\n Speech is not just what you post. It is who you follow, who you message, what groups you join, what movements you support, and what communities you quietly learn from.<\/p>\n Identity-gated platforms turn association into a record.<\/p>\n That matters for religious groups, political movements, health communities, addiction recovery, abuse survivors, and anyone exploring ideas that might be socially risky.<\/p>\n A lot of these laws are written broadly. They do not just target obviously harmful material. They can sweep up general-purpose social media, forums, comment sections, messaging features, and platforms that host lawful speech.<\/p>\n Courts have already blocked some state social media age-verification laws on First Amendment grounds.<\/p>\n That does not mean every ID law will automatically fall. The legal landscape is mixed, especially around adult-content age verification.<\/p>\n But social media is not a dirty magazine behind the counter. It is where people read news, organize communities, debate politics, document police activity, worship, campaign, build businesses, and maintain relationships.<\/p>\n Putting an ID checkpoint in front of that is not a small burden.<\/p>\n Even if you trust today\u2019s government, do you trust every agency, contractor, platform, carrier, data broker, hacker, and future administration that may touch the data?<\/p>\n Mandatory ID systems create databases.<\/p>\n Databases leak.<\/p>\n Databases get abused.<\/p>\n Databases get subpoenaed.<\/p>\n Databases get sold, copied, breached, correlated, and repurposed.<\/p>\n A phone company collecting ID to stop robocalls today can become a map of dissidents tomorrow.<\/p>\n A social media platform collecting ID for age verification today can become a political targeting database tomorrow.<\/p>\n This is not paranoia. This is what data does. Once collected, it grows legs.<\/p>\n Facebook<\/a> and X<\/a> are easy because everyone is there.<\/p>\n That is also the trap.<\/p>\n Centralized platforms have one login system, one moderation system, one algorithm, one policy department, one legal pressure point, and one kill switch for your account.<\/p>\n If they decide your name is wrong, your ID is insufficient, your post is misinformation, your reach should be throttled, your account should be suspended, or your country should be blocked, you have very little recourse.<\/p>\n You do not own your audience.<\/p>\n You rent access to it.<\/p>\n That rent can be raised at any time.<\/p>\n And when governments start pressuring platforms to require ID, centralized networks are the easiest targets. Regulators do not need to control every user. They only need to control the handful of companies everyone depends on.<\/p>\n That is why the answer is not \u201cfind a nicer platform.\u201d<\/p>\n The answer is to move toward protocols.<\/p>\n Nostr<\/a> stands for \u201cNotes and Other Stuff Transmitted by Relays.\u201d<\/p>\n Ignore the weird acronym for a second. The concept is simple.<\/p>\n Nostr<\/a> is not one app.<\/p>\n Nostr<\/a> is a protocol.<\/p>\n That means many different apps can speak the same language, the same way many different email apps can send and receive email.<\/p>\n On X<\/a>, your account belongs to X.<\/p>\n On Facebook<\/a>, your account belongs to Facebook.<\/p>\n On Nostr<\/a>, your identity is a cryptographic key pair:<\/p>\n If you use one Nostr<\/a> app and hate it, you can use another. Your identity moves with you.<\/p>\n That is the magic.<\/p>\n You are not trapped inside one company\u2019s app.<\/p>\n Nostr<\/a> clients are the apps you use to read and post. Examples include:<\/p>\n Nostr<\/a> relays are servers that receive, store, and broadcast posts. You can use multiple relays. You can switch relays. Technical users can run their own relay.<\/p>\n This makes Nostr<\/a> more resilient than a normal social network.<\/p>\n Not perfect. Not magic. Not immune to every attack.<\/p>\n But structurally different.<\/p>\n There is no single company that owns the whole network.<\/p>\n Here is the beginner path I would recommend for normal people.<\/p>\n Not the most hardcore setup. Not the most paranoid setup. The most usable one \u2014 because a migration plan people will actually follow beats a perfect plan nobody uses.<\/p>\n Start with Primal<\/a> if you want the least friction.<\/p>\n It works on web, iOS, and Android. It feels more like a normal social app than many older Nostr<\/a> tools.<\/p>\n Download it, create an account, and write down\/back up your private key.<\/p>\n This is critical:<\/p>\n If you lose your private key, you lose the account.<\/p>\n If someone steals your private key, they can take over the account.<\/p>\n There is no \u201cforgot password\u201d button for the protocol itself.<\/p>\n Store the private key in a password manager. Do not paste it into random websites. Do not screenshot it and leave it in your camera roll. Treat it like the keys to your house.<\/p>\n Use a recognizable name, photo, and bio if you want people from Facebook\/X to find you.<\/p>\n If you need pseudonymity, use a pseudonym from the beginning and do not mix it with your real identity.<\/p>\n Do not make the classic mistake of creating an \u201canonymous\u201d account and then importing every real-world detail from your public profiles.<\/p>\n Privacy is a system, not a username.<\/p>\n Search for people by name, public key, or Nostr<\/a> address.<\/p>\n Look for creators who have posted their npub on X.<\/p>\n Use discovery tools and starter lists.<\/p>\n Follow aggressively at first. Nostr<\/a> gets better when you build your own graph.<\/p>\n Unlike algorithmic platforms, your feed is often more directly shaped by who you follow and which relays your client uses.<\/p>\n That is a feature, not a bug.<\/p>\n Do not rage-delete Facebook<\/a> or X<\/a> on day one.<\/p>\n Use them as bridges.<\/p>\n Post something like:<\/p>\n \u201cI\u2019m moving more of my posting to Nostr<\/a> because I want social media that is not tied to one company, one algorithm, or one ID checkpoint. You can find me here: [your Nostr<\/a> npub \/ profile link]. I\u2019ll still check this account for now, but Nostr<\/a> is where I\u2019m building long-term.\u201d<\/p>\n Pin it.<\/p>\n Repeat it.<\/p>\n Put your Nostr<\/a> public key in your bio.<\/p>\n The goal is not dramatic exit. The goal is audience migration.<\/p>\n For the first 30-90 days, post on both.<\/p>\n Your old network is the funnel. Nostr<\/a> is the destination.<\/p>\n When someone replies on Facebook\/X, answer there, but also remind them where you are moving.<\/p>\n Make it easy. Most people will not move because of ideology alone. They move because someone they care about is already there and the path is simple.<\/p>\n Do not rely on any one platform to remember your people for you.<\/p>\n Keep a separate list of:<\/p>\n This is boring until the day it saves you.<\/p>\n At first, let your client handle relays.<\/p>\n Later, learn the basics:<\/p>\n Relays store and broadcast Nostr<\/a> events. If a relay disappears, posts stored only there may become hard or impossible to retrieve. Using multiple relays gives you more redundancy. Running your own relay gives you more control.<\/p>\n For most beginners, the goal is simple:<\/p>\n Use a good client, connect to several reputable relays, and do not keep your entire social life dependent on one server.<\/p>\n This part needs honesty.<\/p>\n Nostr<\/a> normally uses the internet.<\/p>\n If your phone has no data, your home internet is down, and you cannot reach any relays, your normal Nostr<\/a> app is not going to magically post through the air.<\/p>\n But Nostr<\/a> still matters for resilience because it removes the single-platform dependency.<\/p>\n If X<\/a> blocks you, you can still use Nostr.<\/p>\n If one Nostr<\/a> client disappears, you can use another.<\/p>\n If one relay blocks you, you can use another.<\/p>\n If you run your own relay, you have a stronger anchor for your own speech.<\/p>\n That is resilience at the social-network layer.<\/p>\n For actual no-cell\/no-internet communication, pair Nostr<\/a> with tools designed for that job.<\/p>\n That means:<\/p>\n We already wrote a guide to Meshtastic<\/a> here: https:\/\/thethriftydev.com\/blog\/meshtastic-build-your-own-off-grid-mesh-network\/<\/a><\/p>\n That is the practical off-grid layer.<\/p>\n There are also experimental bridges that connect Nostr<\/a> and Meshtastic. One project, Nostrastic<\/a>, describes a proof-of-concept for publishing Nostr<\/a> posts and sending\/receiving DMs over LoRa<\/a> using Meshtastic<\/a> with at least one gateway device connected to the internet\/MQTT.<\/p>\n That is cool. It points toward where things can go.<\/p>\n But do not confuse experimental bridging with a guaranteed emergency system.<\/p>\n If you want resilient communications, build a stack:<\/p>\n Nostr<\/a> for censorship-resistant public social identity.<\/p>\n Meshtastic<\/a> for local off-grid text.<\/p>\n Briar<\/a> or SimpleX\/Session for private messaging without phone-number dependence.<\/p>\n A password manager for your keys.<\/p>\n A printed contact sheet for when all the apps fail.<\/p>\n That is how you stop depending on one fragile pipe.<\/p>\n If you only do the basics, do this:<\/p>\n That is it.<\/p>\n This is how you start moving from rented reach to owned reach.<\/p>\n You do not need to become a cryptography expert.<\/p>\n You do not need to self-host everything on day one.<\/p>\n You just need to stop letting one corporation and one government ID system sit between you and your ability to communicate.<\/p>\n Because migration is easiest before it is urgent.<\/p>\n When platforms demand ID, it is too late to calmly move your audience.<\/p>\n When your phone number becomes harder to activate privately, it is too late to build alternate contact paths.<\/p>\n When your account is locked, your reach is throttled, or your old platform becomes unusable, it is too late to discover that nobody knows where else to find you.<\/p>\n The time to build parallel systems is while the old ones still work.<\/p>\n That does not mean panic.<\/p>\n It means preparation.<\/p>\n The government may say mandatory ID is about robocalls, fraud, bots, and child safety.<\/p>\n Social media companies may say it is about trust and authenticity.<\/p>\n But your rights do not survive on slogans. They survive in architecture.<\/p>\n If all your speech runs through identity-gated platforms, your speech is permissioned.<\/p>\n If your audience only exists inside corporate apps, your audience is rented.<\/p>\n If your communication depends entirely on phone numbers tied to government ID, your private life is one policy change away from exposure.<\/p>\n So start moving.<\/p>\n Create the Nostr<\/a> account.<\/p>\n Back up your keys.<\/p>\n Move your people.<\/p>\n Build the parallel network now, while the move is still voluntary and calm instead of forced and chaotic.<\/p>\n Stay free. Stay reachable. Stay hard to shut down.<\/p>\n \u2014 TheThriftyDev<\/p>\n If you want to watch the actual dev log instead of algorithm-filtered scraps, follow TheThriftyDev on Nostr too. I\u2019m posting Bleach Unlimited parity updates, open-source build notes, and raw progress there without the usual feed games.<\/p>\n Follow TheThriftyDev on Nostr<\/a><\/p>\n That is the whole point of this migration: own your social graph before the gatekeepers decide who gets to speak, who gets buried, and who has to show papers first.<\/p>\n <\/p>\n <\/p>\n <\/p>\n <\/p>\n <\/p>\n For off-grid communication, also see the Meshtastic off-grid mesh network guide<\/a>.<\/p>\n <\/p>\n <\/p>\n Get the Nostr Starter Checklist<\/strong><\/p>\n What Is Actually Happening?<\/h2>\n
![\"Government](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/01-id-checkpoint.png\")
<\/figure>\n\n
\n
![\"Identity](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/02-data-honeypot.png\")
<\/figure>\nThe Constitutional Problem<\/h2>\n
1. First Amendment chilling effect<\/h3>\n
2. Anonymous association<\/h3>\n
3. Overbreadth and vague enforcement<\/h3>\n
![\"Anonymous](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/03-anonymous-speech.png\")
<\/figure>\n4. Privacy and data honeypots<\/h3>\n
Why Centralized Platforms Are the Wrong Place to Bet Your Future<\/h2>\n
![\"Centralized](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/04-centralized-platform.png\")
<\/figure>\nWhat Makes Nostr<\/a> Different?<\/h2>\n
\n
\n
The Most User-Friendly Way to Move From Facebook<\/a> or X<\/a> to Nostr<\/a><\/h2>\n
Step 1: Create a Nostr<\/a> identity with a beginner-friendly client<\/h3>\n
![\"Decentralized](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/05-nostr-network.png\")
<\/figure>\nStep 2: Set up your profile<\/h3>\n
Step 3: Find people to follow<\/h3>\n
Step 4: Post a migration notice on your old platforms<\/h3>\n
![\"Private](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/06-key-backup.png\")
<\/figure>\nStep 5: Cross-post for a while<\/h3>\n
Step 6: Back up your contacts and key information<\/h3>\n
\n
Step 7: Learn relays without obsessing over them<\/h3>\n
What Nostr<\/a> Can and Cannot Do If the Internet Gets Shut Down<\/h2>\n
![\"Migration](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/07-migration-bridge.png\")
<\/figure>\n\n
The Simple Migration Checklist<\/h2>\n
\n
![\"Meshtastic](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/08-offgrid-mesh.png\")
<\/figure>\nWhy Move Now?<\/h2>\n
![\"Resilient](\"https:\/\/thethriftydev.com\/blog\/wp-content\/uploads\/2026\/05\/09-resilience-stack.png\")
<\/figure>\nFollow the Build on Nostr<\/h2>\n
Sources and Further Reading<\/h2>\n
\n
Nostr vs Traditional Social: Quick Comparison<\/h3>\n
\n\n
\n \nFeature<\/th>\n Traditional social<\/th>\n Nostr<\/th>\n<\/tr>\n<\/thead>\n \n Architecture<\/td>\n Centralized platform<\/td>\n Decentralized relays<\/td>\n<\/tr>\n \n Phone required<\/td>\n Often required or pressured<\/td>\n No phone required by protocol<\/td>\n<\/tr>\n \n Censorship risk<\/td>\n High platform control<\/td>\n Lower, relay choice matters<\/td>\n<\/tr>\n \n Data ownership<\/td>\n Platform account owns reach<\/td>\n You own your keys<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n Get Started on Nostr in 5 Minutes<\/h3>\n
\n