The unauthorized code added at the top of the websites is not malicious, but Symantec says it's collecting private data on visitors, like user IP, page title, page URL, URL referral, Flash version, user language settings, and screen resolution. I believe this is called metadata? And there are ways to prevent is execution.
A messaging application favoured by Mr Turnbull is Wickr. Using this is a much better suggestion. Wickr messages are sent to a server and then delivered to the recipient when they log in. The metadata captured for both the sender and receiver will only show that there has been communication with the Wickr server. There is no metadata directly linking the recipient and the sender. Ref.: http://theconversation.com/is-it-po...adata-retention-and-retain-your-privacy-39429