Email privacy crash course – Part 1: Introduction
Email is essential. Almost every adult person connected to the Internet uses it. Consumers, businesses, governments, political organizations, non-profits – we all use email on a daily basis. Unfortunately, email is transmitted using systems and protocols that were designed decades ago, when awareness of security and privacy issues was low. Almost all email is transmitted in the clear, and is easily intercepted and monitored by service operators and intruders. Of all the Internet privacy and security risks, email arguably poses the greatest risk of all.
In this series of six articles we will explore how typical email users can enhance their privacy using the right tools. We will also provide a comparative overview of major email privacy tools and services available today. The major aspects of email privacy including encryption, metadata, anonymity, usability, ubiquity and people networks, will be discussed and practical recommendations will be provided.
How worried are you?
Snowden’s revelations created unprecedented public awareness of government surveillance. In addition to covert surveillance, governments routinely try to force email service providers to give it access to customer emails, often successfully. Recent attempts by US and UK governments to legalize dragnet collection of email (and other) metadata met with strong public resistance.
Moreover, breaches such as those at Sony, LinkedIn, Twitter, Ashley Madison and Rosebutt exposed businesses and millions of people to embarrassment and extortion through exposure of contents of their emails (and, through their email addresses, of their use of certain services). Hillary Clinton’s reckless use of her home email server for confidential communications and the recent breach of the Democratic Party email servers by Russian hackers drew further public attention to potentially dire consequences of leakage of political and government secrets via compromised emails.
So how worried are you, the email user? In our experience, users can be broadly categorized in terms of their privacy awareness as oblivious, in-denial, bewildered, need and must-have.
“Oblivious” users simply do not care about digital privacy. Teenagers probably form the largest part of this group. Good luck to those trying to convince them otherwise before they grow up.
“In-denial” users know that they are being surveyed and intruded on, but prefer to close their eyes and say “I have nothing to hide”. This is a futile statement. We all want and need privacy while communicating with our lawyer, accountant, medical care provider, job recruiter, business partner. This does not make us criminals who have something to hide.
“Bewildered” users are a fast growing group of people who know that something is wrong with their email privacy but do not know what to do about it, as they are not knowledgeable about the available tools. We hope that this series will help them to make their choice.
“Need” users have a clearly defined need for privacy, but often struggle with usability and/or total cost of ownership of the available tools. Business users form the largest part of this group.
“Must-have” users know that if their email privacy is breached, their freedom and physical security are in danger, and they may even die. Whistleblowers and Iranian dissidents reporting on the niceties of ayatollahs’ regime to journalists, are two examples of this.
In the upcoming articles we will highlight the existing solutions that may be suitable for each of the above user categories. You may ask: why people with different awareness levels need different email privacy solutions? The answer is that unfortunately, there is no single perfectly usable solution today. Different solutions provide different levels of usability and privacy (typically but not always, the more usable the solution, the less secure it is). People will only use a privacy solution when it creates a proper balance between their risk awareness and the usability penalty they are willing to incur.
A word about fearmongering used by some governments to convince their parliaments and constituencies that email surveillance is absolutely needed to fight terrorism and child pornography. Contrary to what they want us to believe, terrorists and child pornographers virtually never use email – they prefer more exotic, difficult to use but highly secure communication methods. Conversely, at the time of attacks terrorists sometimes use completely insecure communication channels (as they did in Paris), and for recruitment they use open social media. This article is not for them.
What is email privacy all about?
Most people think that email encryption is synonymous with email privacy. This is not the case. While email content encryption plays an important role, other factors strongly affect your email privacy.
These include metadata – the curse of email that makes surveillance possible even if email content is encrypted; anonymity – the prevention of disclosure of your email address (which is often the same as your identity); people network – the availability of people willing to use compatible tools to communicate with you securely; ubiquity – the ability to make secure use of standard email services; and usability – arguably the biggest obstacle to email privacy, as people tend to give up on privacy if achieving it makes using email difficult. In the following articles we will discuss each of these in detail.
So what are your options?
There exist quite a few email privacy tools, and apparently some new, advanced services and tools are coming up. Among others, email clients with built-in or add-on PGP encryption are widely available (albeit difficult to use). Closed end-to-end encryption services such as Protonmail and Tutanota cater to the needs of people who are willing to communicate only with other users of the same service and use a dedicated email address and storage. Server-side encryption services such as Hushmail and Startmail provide high usability at the expense of foregoing end-to-end encryption. Tor-based services such as SIGAINT provide excellent anonymity but low usability and no encryption. Decentralized experimental services such as Bitmessage provide excellent all-around privacy and confidentiality, but have low usability and very small people network. Choosing your email privacy protection tool can therefore be daunting. In the following articles we will try to help you to make an intelligent choice that fits your needs, privacy awareness and usability tolerance.