In a bold step toward internet-free communication, Jack Dorsey, the co-founder of Twitter, Square, and Bluesky, has launched Bitchat, a secure messaging app that operates entirely offline using Bluetooth Low Energy (BLE) mesh networking.
Touted as a potential game-changer for privacy enthusiasts, Bitchat is already drawing attention from both tech developers and legal experts.
According to a white paper released on GitHub, Dorsey’s new app bypasses centralized infrastructure by creating peer-to-peer communication networks through BLE — a technology typically limited to 100 meters. Bitchat, however, claims to stretch that range to 300 meters (984 feet) using automatic message relays across mesh nodes.
“Bitchat addresses the need for resilient, private communication that doesn’t depend on centralized infrastructure,” Dorsey wrote. He explained that the tool enables secure, encrypted communication in close physical proximity without needing cellular networks or Wi-Fi.
The app was built with the help of “Goose,” an open-source AI coding assistant developed by Dorsey’s financial tech company, Block. Described as a “weekend project,” the application reflects growing interest in decentralized communication tools—especially among users in high-censorship regions or during infrastructure blackouts.
Legal and Cybersecurity Concerns
Despite its promising architecture, cybersecurity experts and privacy attorneys have already raised red flags. One key concern is Bitchat’s authentication layer, which, as currently designed, may leave room for man-in-the-middle attacks or allow unauthorized access to encrypted messages.
Dorsey has since added a legal disclaimer stating:
“This software has not received external security review and may contain vulnerabilities and does not necessarily meet its stated security goals. Do not use it for production use, and do not rely on its security whatsoever until it has been reviewed.”
This admission may help limit liability exposure, but legal analysts caution that open-source developers—even for non-commercial projects—can face scrutiny if their apps are used for illegal activities or cause harm through data breaches.
Implications for Privacy Law and Tech Regulation
Bitchat enters the landscape at a time when regulators worldwide are tightening scrutiny on end-to-end encryption and anonymous communications.
Apps like Signal and Telegram have already faced legal challenges over user privacy, terrorism, and disinformation concerns. While Bitchat’s BLE-based design skirts traditional internet surveillance, it also complicates compliance with existing cybersecurity and communications regulations.
“The fact that Bitchat operates entirely off-grid makes it both attractive for privacy-conscious users and a challenge for law enforcement agencies relying on traditional digital traceability,” said a privacy law expert who declined to be named.
The lack of third-party security audits could also become a liability if vulnerabilities are exploited after broader adoption. Developers working in similar areas have faced negligence claims, especially where representations of security were later shown to be unreliable.
