Author: InvisibleUser Team
Categories: Communication Privacy
In this article, you will learn how secure email communication works. We will show you the best techniques and analyse why popular services like Gmail and Outlook are dangerous.
Emails are a very convenient way to communicate. In contrast to chat communication, emails are easier to store to be read at a later point. Another important use of emails is sending documents and other files over the internet. Therefore, we have written this guide for secure email communication and we would like to show you everything there is to know.
Unfortunately, emails are not without risks. This form of communication can be intercepted and if you do not use encryption, an adversary can read the contents of confidential emails.
However, an arguably even bigger problem is data collection by email providers. All major email providers are guilty of this and they do it to extract information they can use for advertising. Their ability to read all your emails is an invasion of your private space. This can easily be abused by oppressive governments or law enforcement to exert social control. All information they gather now can be used to prosecute their citizens in the future.
We will start off with one of the biggest email providers: Gmail (and GSuite) from Google. Gmail uses specialised software to automatically scan through your emails and algorithms search for keywords. This data about you is then neatly saved in Google’s databases and stays there indefinitely. According to Google, the reason for capturing all that information is that they sell it to advertisers.
This is already to your disadvantage, because the private communication between you and your friends, family or employer is used to manipulate you into buying more products. The issues with Gmail are so severe that 31 privacy organisations demanded that Google suspend the Gmail service, in 2004.
A great analysis of Gmail’s privacy invasion can be found on Epic.org.
What is worse, this extremely intimate information concerning your person can easily be used against you in the future. The data that is collected is not only factual information, but also your writing style that can be accessed through your Gmail conversations.
We do not know if all that is really necessary for Google’s advertising needs or if they have other intentions, like collecting it for use by intelligence agencies, for example. We do not want to make up any conspiracy theories here, but this insane amount of data is unnecessary, even for the most personalised of ads!
Even worse than having Google capture your data with surgical precision is that you do not only give up your own privacy: That is the case when someone else who is using another email provider, like ProtonMail or Outlook, sends you an email. Their email will also be scanned and the contents stored within Google’s massive server farms. By using Gmail, you also put the privacy of other people at risk. Please do not do that to yourself or others!
When you delete emails in Gmail, you should not believe that they are gone and save from Google. The company regularly makes backup copies, so that they never lose your data.
For the time being, we can only advise you to be cautious and stay far away from Gmail. Secure email communication is impossible on the platform.
“Never send anything via Gmail that you would not write on a piece of paper and pin on a wall in the middle of a city, for everyone to see.” — InvisibleUser
To lure in customers, they offer you 15GB of free storage, but as you see, that comes at a price. Gmail is for sure the worst provider.
“Every other company could advertise that they have better privacy than Gmail. No matter how bad their privacy is, that statement would be true.” — InvisibleUser
Do not be mistaken, Hotmail, Outlook.com, Windows Mail, Windows Live Mail, Yahoo and iCloud Mail are likely doing the exact same thing.
Only one of those services even comes close to Gmail in terms of privacy invasion. Let us now explore the corporate misconduct of Microsoft:
Microsoft was the first company to participate in the NSA’s PRISM program. They have installed a backdoor into their email services. Microsoft actively helped the NSA bypass encryption, which lets them eavesdrop on your communication while using Outlook.com. That applies to their advertised email encryption, as well as encrypted chat (source). Additionally, they gave the NSA access to user data stored on OneDrive (formerly SkyDrive).
To prevent all those risks, we will explain how secure email communication works in the following articles. In those posts, we will go into great detail with recommended secure email providers for privacy. Additionally, it is equally important to use a secure email client, ideally, one that supports strong encryption, natively or with a plug-in.