Breaking news

Read our blog to learn why privacy matters. And don't forget to get an encrypted mailbox yourself!

  • Which is the most secure email service?

    Privacy and security are becoming increasingly popular so more and more services try to promote themselves as the most secure email provider. But there is much more to security and privacy than just encrypting a bit of data. Most of the times, these claims are only marketing claims anyway (looking at you Gmail). We've collected the facts and explain in detail why Tutanota is the most secure email provider in the world.

  • Germany: Data retention to be abolished once and for all.

    The new German government wants to change the German data retention regulation so that it complies with European and German constitutional privacy rights. The top European Court has now decided that such a change is necessary asap. Any storage of telecommunications data without any reason must be prohibited. This is very good news and it sends a clear signal to the world: Your right to privacy is being respected in Germany!

  • What is data retention - and why we need to fight it!

    The European Court of Justice (ECJ) has just issued an amazing ruling on data retention: Your telephone and online communication data must not be stored without cause, which makes data retention illegal in Europe. The ruling comes after a lawsuit issued by German telecommunication providers Deutsche Telekom and SpaceNet. Now we must keep fighting data retention laws worldwide!

  • Resolved: Microsoft blocks Tutanota users from own service: Tutanota users can't register a Microsoft Teams account.

    We are happy to announce that after the media picked up the story that Microsoft is blocking Tutanota users from registering a Teams account, Microsoft got in touch with us and fixed the issue. And while the issue is now resolved for Tutanota users, this example of anticompetitive behavior - even if out of negligence - shows why better antitrust legislation is needed.

  • Cross-site scripting vulnerability fixed.

    On June 22 we were informed about a Cross-Site Scripting (XSS) vulnerability in all Tutanota clients. We immediately started working on a fix, which was published two days later. Now, all affected versions of Tutanota have been disabled and we would like to inform you about the issue for full transparency.

  • Denmark bans Gmail and Co from schools due to privacy concerns.

    Danish schools must stop using Google's email and cloud services due to concerns or violating the high European privacy standards defined by the GDPR. According to Denmark’s data protection authority, Google’s cloud-based Workspace software suite "does not meet the requirements" of the European Union's GDPR data privacy regulations.

  • Dutch schools must stop using Google's email and cloud services due to privacy concerns.

    Dutch schools and universities must stop using Google's email and cloud services due to privacy concerns. According to the Dutch Personal Data Authority, educational institutions do not know how and where the personal data of pupils and students are processed and stored. As a result, the processing of the information would be "not lawful."

  • NIST publishes quantum resistant encryption algorithms – Tutanota already uses them in a prototype!

    Encryption is the best tool to protect your private data. To make sure your data stays secure in the future, post-quantum secure encryption is needed. Now, NIST pushes ahead with CRYSTALS-KYBER, CRYSTALS-Dilithium, FALCON, SPHINCS+ algorithms to harden encryption against future attacks from quantum computers. We at Tutanota have already built a prototype with these same algorithms. We plan to upgrade the encryption in Tutanota well before quantum computers are able to break currently used algorithms.

  • Post-Roe America and the Importance of Encryption.

    Hi America, this is Brandon from Tutanota. As I’m sure you already know, on June 24, 2022 the Supreme Court of the United States delivered the ruling that the US Constitution does not confer the right to abortion, thus overruling Roe v. Wade and Planned Parenthood v. Casey. As soon as the decision was made public, thirteen states with trigger laws were able to begin enforcing stricter restrictions on abortions.

  • Goodbye Profiling. Hello Privacy.

    In 2021 publishers and shops have started to use a cookieless tracking technology. It's based on your email and login information, so you should know about it. Especially as you are even tracked without login. But you can easily stop being profiled and tracked! Here is how.

  • Leaked 'chat control' document: Will Germany fight for privacy?

    Since autumn 2021, Germany has a new government, and this new government has agreed in their coalition paper that every citizen has a 'right to encryption'. Now, the German government has asked the EU Commission very difficult questions regarding the Commission's plans to introduce general surveillance measures to fight the distribution of child sexual abuse material and grooming online. Does this mean that Germany is serious with everybody's right to encryption?

  • EU Commission is planning what Apple stopped after backslash from privacy groups: Automatic CSAM scanning of your private communication.

    Only last year Apple wanted to introduce AI-based CSAM scanning to iPhones, turning people’s devices into little surveillance machines. After international public outcry, the company rolled back on its plans. Now the EU Commission has published very similar plans that should become mandatory for all companies offering communication services in Europe. We must act now to stop these plans.