Your email address is the gate to your online identity. If you want to stay safe online, you must pick an email service you can trust.
Google - as well as all major email services - scan all your emails, which is easy to do as 99% of emails sent via mainstream services are not end-to-end encrypted.
While Google promises not to scan your emails anymore for personalized adertisements, this might very well be just a marketing initiative which would give us even more reason to quit Gmail. Even if Google might not use the scanned information for personalized advertisements, it still has the option to scan all emails.
The no-scan-promise might end like Gmail's end-to-end encryption project has ended: in limbo.
Even worse, Google introduced AMP in Gmail last year not for your convenience or to increase speed, but to change your mailbox into a platform for marketers to offer advertising opportunities to its paying customers - companies who want your money.
The problem - not just with Gmail, but with almost any email service is this: You store data on the servers of this email service that does not belong to you: sent and received emails, contacts details, and more.
That's the basis of any free email service: You pay with your - and others(!) - data for receiving a seemingly free service. Yet, data in times of Big Data and AI is the new gold. Your data is a cash cow to Google, Yahoo, and Outlook.
While not paying these services directly, you pay by being shown advertisements that make you buy things you don't necessarily need or wouldn't have bought at that price without the constant bombardment of advertisements.
Email services also tend to collect much more data than necessary upon registration. A German podcast nicely points out that all an email service needs for registering a new user is an email address and a password. If this is the case, you can even use this service for anonymous email.
Nevertheless, many providers ask for "full name, address, date of birth, phone number and so on".
To make sure you can trust an email service, you should check for the following:
No personal information is asked for when signing up.
Test the quality of the TLS encryption of your email provider.
As much data as possible must be stored encrypted to guarantee that the email serivce can not use or abuse your data.
Last but not least: For being able to trust the encryption of your email provider, make sure that all its email clients are published as open source.
To check to what extend you can trust any email provider, you must compare the privacy policies and the encryption as described above.
In addition to that, make sure that the email service is based in Europe. Since the strict data protection regulation GDPR, server location has become very important for a trustworthy email service. To make sure that your email service is GDPR compliant, you need to look out for a provider based in Europe. The good news is: Even if you are not living in Europe, it is very likely that the same data protection regulations are applied to your data as most European services do not differentiate between where their users are coming from - if they know it at all.
To help you decide what email services are worth your trust, we have compiled a detailed email comparison.
At Tutanota, we have recently asked our users if they believe Tutanota is secure and privacy-friendly. The trust that has been placed in us is truly amazing. Thank you. 🙂
Our users think that Tutanota is...
No comments available