A cautionary tale. Diary pal decides to sign up to an online SMS service for a free trial. He sent off one or two of his allocated handful of gratis messages, and thought no more about it. Later that day, he got a phone call from the company, and a bod asked him what he thought of the service, would he be signing up, and all that sort of thing. Fair enough, thought our pal, and made the usual fob-off "early days yet, let's see how it works" response. "But you thought it was good!" said the bloke from the service. "You said so in your message."
At which point, all manner of alarm bells go off in our pal's head. "You mean, you read my messages?" "Have to. It's the law. They might be criminal" says eager salesman.
Pal and I conferred afterwards. We agreed that this was probably a case of start-up fever, where an over-eager MD decides to get too hands-on, and that they almost certainly wouldn't do it again. We also evolved a protocol for finding out if they did. And I decided not to make a news story out of it: not yet, anyhow, but we will be watching.
The moral of this story? Assume data you send is public, unless you take steps to make it otherwise. If you do use a commercial service, make sure the limits of privacy are explicitly stated in the contract or associated bumf. And, if you're the MD of such a service, don't go exposing yourself to people who know just about every technology journalist in town.