Method/Tut - Anonymous e-mail. We discuss secure, reliable and secure mail. | CraxTube | Crax



Cl/4y




Introduction
E-mail sucks, but for now we have to use it. What should you consider when choosing an email service provider? First of all, their privacy policy - that is: what data they collect and store about you, and for how long - as well as with whom else they share this data and under what conditions. It goes without saying that this information cannot be blindly trusted - here are some warning signs: laconicism and understatement, too much intrusive, “selling” talk about “privacy”, conflicting information and arguments. Always try to find information on the Internet about possible scandals and mistakes associated with a particular provider! Other important criteria: support for email programs (mail in the browser is disgusting, you have no control over it); possibility of registration via Tor/VPN; paid or free services (and although it is better to pay for good mail than to suffer from a bad freebie, don’t worry - the best providers on this list provide services for free). Another thing to worry about is ensuring that the provider doesn’t go out of business - if some post office has been around for 10 years, you can pretty safely say that it will last the same amount. A mail server that runs on one person is like a time bomb. What about encryption? To me, built-in encryption is just an illusion - it’s possible in many ways, but nothing can replace PGP with your private keys. And of course, built-in encryption requires the use of browser-based mail, while PGP can be used through email programs (some, like Claws Mail, even have internal support). So, let’s put an end to the pleasantries - let’s move on directly to the analysis of suppliers!
List of providers

Google, Yahoo, Outlook, Yandex
These are designed to collect as much information about you as possible, and of course you can not use them. There is nothing to add. So let’s move on to those who respect privacy (or pretend to be).
Hushmail

Everyone has the right to confidential email communications. Take back control of your data and experience clean email without ads.
Okay, I’m for it! Just a minute, let me check if your words are true…

When you visit our website, we may collect information about you, including your browser type, operating system and your computer’s IP address. We use this information to facilitate your access to the site, to collect consumer information and to prevent the use of our services for fraudulent purposes.
No thanks. But hey, this only applies to their website - I could live with that if the mail itself was private. But is it?

We do our best to limit the amount of personal information we collect.
Cool, thank you! Let’s check how “limited” this “volume” is:

When creating your email account, we will need to record your IP address. We may also ask you to provide other information, such as your telephone number. We use this data for market trends analysis, broad demographic […]
Good “limitation” - ask for my phone number. And then the market-trend shit pops up.

The information we store may include […] user account names, mail sender and recipient addresses, attached file names, email subject lines, hyperlinks in the body of unencrypted messages, and any other information we deem necessary to retain to maintain system operation and prevent its malicious use.
This way you will even spy on the links in my messages! And any other information essentially means that they can process whatever they want. But why pretend that this is necessary to prevent malicious use? Just say that you are a professional data collector.

We store sales, marketing and customer service information with third parties who are interested in these business processes, which means that information such as your name, email address, telephone number and company name, as well as correspondence history directly related to sale or customer service may be held by those parties.
Now my name and phone number are being sent to who knows where. What could be worse?

Your activity information we store is permanently deleted after approximately 18 months. Information used for statistical calculations can be stored indefinitely.
…yes, it turns out it could be even worse. And that’s not all (I’m not going to write a book here!) - check out their privacy policy (archived) if you enjoy hurting yourself.
I forgot to say that Hushmail also wants money for this mockery! And it doesn’t support email programs. Putting it all together, we can without any hesitation call it the worst choice on our list. And they also have the audacity to say the following:

Hushmail has been providing secure, private and encrypted browser-based email solutions since 1999. That’s why our clients trust our experience in this field.
Yeah, how - only you and trust!
VFEmail
When registering, it requires passing “recaptcha”, as well as your real name and surname. There is a lot that is suspicious in the user agreement; it would take a whole year to describe all this, so I will note only the most important:

[…] VFEmail.net has the right to close and/or replace and/or change your account […]
Stop, change my account? What the hell? It can mean anything at all, including editing your messages, deleting contacts, or changing your password. Damn suspicious!

[…] VFEmail.net or its employee may disclose information about the User and the nature of his use of the Services to third parties […]
Amazing! Get ready for your personal data to be handed out left and right to advertisers and analysts.

The User acknowledges and agrees that the content, which includes, but is not limited to, text, software, music, sound, photographs, images, video clips or other materials constituting advertising from sponsors or information presented to the User through the Services or advertising, is protected by copyright, trademarks, service marks, patents or other proprietary rights and laws.
That is, they will poke you with advertising, and you also do not have the right to show it to someone.
With a free account, you won’t even have the ability to SSL-encrypt your mail. Therefore, messages will be transmitted as plain text, which can be easily read, for example, by your Internet provider. It is possible to pay and get a number of useless features, but the terrible terms of use still apply. But there is something to laugh at…

If you receive mail between your last connection to the POP server and the system snapshot at 0:00, the messages will be backed up for a week - but if the mail arrives on a Saturday night, the mail will be kept for a year.
wtf? It looks like they are trolling. Copies of your letters are kept for a week… but not on Saturdays! How strange.
Regarding the data, you are not told what exactly will be stored and for how long. If you haven’t figured it out yet, stay away from this crap! Honestly, apparently some pranksters took all the ways to humiliate the user, launched an advertising campaign with nonsense like Metadata Softener™ - which you, of course, have to pay for - and began to merrily rake in the money. In my opinion, they are even worse than Gmail, which is more open about its (lack of) privacy and provides its services for free.
FastMail
This is another paid provider that is absolutely terrible from a privacy standpoint. Excerpts from their privacy policy (archive):

When registering to use, or using our sites or services […] personal information that may be collected directly from you includes your name, account address, mobile phone number, company name, your domain name, IP address, browser user-agent and payment details
Name, phone number, address. Let’s quickly start into privacy hell, FastMail.

We process incoming and outgoing mail on your account to combat spam and fraud.
“Privacy Respectful” FastMail reads your mail.

We also store information from your address book, calendar, notes and files on our servers.
Is there anything you don’t keep?

We also collect email data that you create and upload, and that you receive from other people.
It seems that there is no such thing - even other people will not hide from the gaze of FastMail.

Whenever you use our services, we record your IP address, your client ID (browser or email program information) and your username. When you send emails, we also store the sender and recipient addresses. When you perform actions on mail in your inbox, we also record their sequence.
In other words, your every move is tracked and recorded. And now for a little humor - let’s see what they say in their defense:

These measures are necessary to be able to confirm delivery and check for fraud.
What are you talking about? Then I wonder why then almost no one else on this list does such things? Now let’s look at another explanation (from How do we use the personal information we collect from you?):

for analytics and measurements to enable us to understand how our services are used;
Ah, so this was all for analytics, not for “cheating checks” or some other stupid excuse. And here is an even more incriminating find (from the Disclosure of Personal Information section):

We may share information about you […] with third parties who assist us in operating our business and providing services […] Some of these providers use cloud-based IT applications or systems, which means that your personal information will be stored on their servers
Now everything that was mentioned earlier will also be in the hands of “third parties”.

We may use your name and email address to contact you directly with the market and inform you about our or related services that we think will be of interest to you
You will also drown in a sea of advertising aimed specifically at you. But how will FastMail know what you’re interested in? Of course, thanks to the collected data - which, remember - includes the content of your emails! They go on to state that they don’t profile you to send targeted ads, but that seems to contradict the above - and we should always expect the worst. FastMail also uses the services of Matomo analytics, which I will discuss in more detail in the ProtonMail chapter. One way or another, they collect a lot of data - but how long is it stored?

All information we record relating to your IP address is retained for approximately 90 days.
When you submit a request to remove your account from our system, we will immediately block the account and archive the information, after which we delete it from our servers within approximately 7 days from the time of your request.
Seems not bad. Given that some providers are waiting a year or more… But wait a minute:

However, under certain specific circumstances we may retain your personal information for longer.
Ha! So 7 days was just another trick. Let me also quote some interesting information from another section (archive):

After account closure, data and copies thereof are erased within a period of 37 days to 1 year from the date of closure
So after all, they wait a whole year. And you had the nerve to lie right to our faces about 7 days. It’s looking more and more like trolling for naive newbies… In light of the above, is there anything good to say about FastMail? Probably this:

It is not possible to implement secure end-to-end encryption through browser mail. There are only two ways, both with drawbacks:
Yes, that’s exactly what I was talking about above. So at least they don’t pretend to use a fancy encryption system right in the browser. And maybe here’s something else:

We do not provide any data without the necessary legal permission from the court of Australia. As an Australian company, we do not accept US orders.
But don’t forget that some of your data will be stored on third party servers that may be located in other countries and have different views… All in all, I find it hard to find a reason to use a FastMail box. The amount of data stored is simply huge (and I only talked about some of it), and it is sent to third parties and used to advertise goods and services to you - and you also pay for it.
Scryptmail
Trial period of 7 days, then pay. No mailer support. Claims to encrypt metadata and headers, not just email content. The support blog and forum appear to be abandoned; the FAQ is also outdated - it says that Scryptmail has been around for only a year, but in fact it has been for four.
What about privacy? The site uses Matomo analytics, described in the ProtonMail chapter. What about the mail itself? According to their privacy policy (archived), whenever there is a communication between two Scryptmail accounts, only the metadata of the time of sending is recorded. On the other hand, if your Scryptmail account receives an email from another email provider’s server, more data will be collected, including:

sender and recipient email addresses, sender IP address, message subject, message body and attachments, and send and receive times.
In addition, the following are recorded: last login time, IP address, User agent, API call. But they claim that they cannot match the IP address of a specific account. Which contradicts their previous statements as they know the login dates of the accounts along with their IP addresses. It is possible that information about a particular account is being erased by them, but statements about the “absolute impossibility” to link these two facts are lies.
You can be sure that information about you will be stored forever. From the Data Retention section: Active account data is retained indefinitely. What about deleted accounts?

Your personal data will be deleted no later than the end of the calendar year following the year in which the contract was terminated, except in individual cases in which specific amendments apply to the contract. […] In addition, inventory and account data may not be deleted if required by legal intervention or prosecution.
In short: the mailbox is paid, there is no support for email programs, an ambiguous and contradictory privacy policy, a significant amount of stored data, which, moreover, cannot be deleted at all. Sucks!
SAFe-mail (safe-mail.net)
Israeli provider founded in 1999. Before I get to the heart of the matter, let’s look at first impressions. I’m talking about the structure of the site and the literacy of the language on it, worthy of a chimpanzee - because of this, extracting any information from the site is in itself a mystery. Basically everything here is from prehistoric times, and some sections contradict each other. They had, damn it, 20 years to make a normal site instead of this monster… but let’s try to figure it out anyway:
SAFe-mail wants to appear respectful of privacy, but does not have any kind of privacy policy. There is only a snippet from 2008, which reads:

Safe-mail.net does not use cookies and does not collect user data. Safe-mail.net does not transfer, sell, trade or otherwise exchange data it may have about its users with any third party company.
That is, they allegedly do not collect any data about users AT ALL. Why, then, did they bother to say that they do not sell this data? Wait, here’s another one (from the user agreement) (archived):

SAFe-mail LLC does not disclose information about you or your use of the SAFe-mail system, except…
So you still HAVE user data…

You agree that SAFe-mail has the right to access your account, including its contents, for specified reasons or for maintenance or other technical reasons.
So now you are admitting that you can even get into the contents of my account? Isn’t it an admission that you can read our mail?

Please note that your IP address is transmitted with every email sent from your account.
Come on. But we’re more interested in whether SAFe-mail stores this IP address and other information, and if so, for how long - and there is simply no information about this. Isn’t it suspicious? SAFe-mail spends so much time claiming a high level of privacy, yet is strangely unwilling to talk about what data it collects; in truth, you need to read between the lines to figure out if it stores anything at all or not. To me, it smells like cheese in a mousetrap.
Free account does not support sending mail through the program, only receiving. Other claimed privacy features like SafeBox also require a paid account. And of course, by paying for the services, you will lose your anonymity - they do not accept bitcoins. When registering, you are asked for your real name and phone number; each account is manually approved. Tried signing up via Tor, leaving the phone number field blank - but giving a real-sounding name - and got no confirmation after two days. But one of my readers managed to log into his account in a day. One way or another, it all looks like a trap and is NOT recommended for use.
ProtonMail
The most popular “private” email provider, and often the first choice of anyone trying to get away from the three giants. But how good are his services? Let’s start with the registration procedure - when registering via Tor or VPN ProtonMail requires confirmation by SMS, which they promise not to store - but it is impossible to prove this. Their “end-to-end” encryption works by generating keys upon registration - you are not allowed to use your own key. Due to the fact that all encryption is done in the browser using JavaScript, nothing prevents them from slipping you a deliberately vulnerable script; also, encrypted messages can only be sent to other ProtonMail users, unless you have a paid account. According to research, ProtonMail’s encryption methods have serious flaws. At the end of this analysis, I also link to an article detailing common issues with in-browser encryption. Mailers are not supported unless, again, you pay for the “Protonmail Bridge” feature - which still doesn’t allow you to use your own keys.
But let’s leave all these gadgets and see what kind of data ProtonMail stores and for how long. Quoting their privacy policy (archived):

We use a local version of Matomo, an open source analytics tool. Analytics data is whenever possible anonymous and stored locally (not in the cloud).
This means that when you visit the site, Matomo is tracking you. But what data do they actually collect? Information from the Matomo website (archive):

All standard statistical reports: popular keywords and search engines, sites, social networks, links to popular pages, page titles, user geography, providers, operating systems, browser market share, screen resolution, access from a mobile phone or computer, usage patterns (time spent on the site, number of pages visited, frequency of visits), popular campaigns, non-standard variables, popular first/last pages, downloaded files, and much more, divided into four main categories of analytical reports - Visitors, Actions, Referents, Goals/E-Commerce (more than 30 reports)
So it’s about websites. What about email?

we have access to the following email metadata: the email address of the sender and recipient, the IP address of the sender of incoming messages, the subject of the message, and the time it was sent and received. […] We also have access to the following account activity data: the number of messages sent, the amount of storage used, the total number of messages, the last login time.
Class, even more metadata than Tutanota (if you trust Tutanota about the data they collect). And here’s something else:

When you close your ProtonMail account, your data is immediately deleted from the servers. Data from active accounts is stored indefinitely. Deleted messages are also permanently deleted from our servers. Deleted information may remain in our backups for up to 14 days.
Read it again! Infinite data retention from “private” ProtonMail! And 14 days of storing deleted data is enough for “they” to get to you. At least the drives are encrypted…
If you read their transparency report (archived), you’ll see quite a few requests for access to their data from governments around the world. ProtonMail pretends to “require a warrant from a Swiss court” to cooperate - but it is clear that they often agree to this without a warrant - so don’t expect this to protect you. The infamous example of May 2018 was when they disabled one account allegedly due to links with terrorists - and we all know very well what a convenient excuse this is these days, is it not? So, what we have is a provider that does not support client email programs, tracks you on the official website, stores your metadata forever and immediately releases it every time the men in black knock on the door and shout “terrorism!” Also, their encryption is flawed, according to researchers, and cannot be used for interlocutors with mailboxes other than ProtonMail with a free account. And after all this, they call themselves privacy champions… As it turned out upon deep analysis, ProtonMail is just a paper tiger.
Runbox
Their site is so full of talk about privacy that it’s a wonder they managed to squeeze anything else in there. I won’t bother quoting all of this; let’s see if their word is worth something (spoiler: not worth it). From their privacy policy (archive):

By registering an account, you consent to our processing of the following personal data: First name, last name, company name (if any), mobile phone number (if available), country and alternative email address. […] To terminate this agreement, you agree to stop using the Services
You’ll certainly forgive me, Runbox, but demanding my name is definitely not confidential. The first impression is already ruined… and this is just the beginning.

Your Account information is stored on servers located in Norway for as long as your Account is active…
Great, so I have to destroy my account so you guys can stop storing information about me. And after that, you will finally erase my data, right?

…and: up to 1 month after trial accounts are closed; or up to 5 years after normal accounts are closed, as financial records must be kept for 5 years under Norwegian Accounting Law.
No, of course nothing will be erased - it will be too private for the “privacy-loving” Runbox. So wait five years after deleting your account and your name will disappear from their database…or not?

Backup copies of Account information are stored on secure servers located separately from the Runbox system for up to 6 months, even after the information is deleted from the main storage.
Oh no, the privacy-loving Runbox is breaking every record set by the privacy gods Google and Yahoo; it will take five and a half years before your data disappears from their servers! Oh Runbox, how else will you protect my privacy?

The contents of the email service (data related to the Webmail, Contacts and Files Services) are stored in the main storage on servers in Norway for the duration of your account activity, plus: up to 3 months after trial accounts are closed; or up to 6 months after regular accounts are closed.
So all your mail and metadata (sender, recipient, subject, date/time) are saved as long as your account exists. Plus backups that last even longer. Should this torture continue? Okay, let’s take a test shot and get this over with: Runbox is asking for money for its “services”! Sounds like the final nail in the coffin? Seriously, they’re like paid Gmail… but wait, here’s another thing: (That’s it, I’ll wrap it up here, I promise!)

If you contact us by e-mail, postal mail or other communication channels, we will store this correspondence and all information therein.
On the positive side, they accept Bitcoin… and you can use email programs. There is also a 30-day “free” trial period. Oh yes, they also use renewable energy sources (but this is also true for the truly confidential Posteo, about which later) - perhaps the only thing for which their “services” can really be praised. But because of the nightmarish data collection and storage policy, it’s best to stay away.
Mailfence

We are convinced that Internet privacy is a basic human right that can no longer be simply relied upon. Therefore, we decided it was time to offer completely confidential email services.
I have heard this before. Let’s see how this statement compares to your privacy policy (archived)

We use the local version of Matomo […]
Again this shit. Read the ProtonMail section to see how much crap it is.

We collect IP addresses, message IDs, sender and recipient addresses, email subject lines, browser versions, country information, and dates.
Already a warning sign… but let’s also check how long all this is stored:

We retain copies of deleted messages and documents for 45 days.
Well, very confidential. And here’s the excuse:

This is necessary to restore data in case of inadvertent deletion by users. After 45 days, the data will be deleted from all our systems.
Yes, of course - everything is always done “for the benefit of the user.” But in the end, the mail you delete remains on the servers for 45 days, regardless of the reason. And if only this…

When an account is closed, the data will be permanently deleted 30 days after the date prescribed by law (i.e. according to Belgian law, this is 365 days from the moment the account was closed).
That is, you will wait more than a year before your “deleted” account is actually destroyed. Wonderful privacy.
Mailfence puts a lot of emphasis on being protected by strong Belgian privacy laws - however, these laws have not only been debunked before, but are generally of questionable effectiveness.
Registration fields require JavaScript and ask for your real name - but you can give a fictitious one; the account is approved immediately, without delay. Support for email programs is paid only; but they accept bitcoins. Allows the import of its PGP keys, but encryption still occurs through the browser. In general - without support for email programs for a free account and with a discouraging privacy policy, despite loud statements - it remains to be forgotten about.
Safe-Mail (safe-mail.nl)
Let’s get straight to the point:

The Safe-Mail team is a handful of enthusiasts with a clear understanding of privacy. And we want to give everyone the opportunity to make their privacy private. The Safe-Mail community wants to let the world know that privacy is our legal right, and we are willing to fight for it.
Great, and yet…

The provider does not review messages or other content stored on Safe-Mail.nl unless legally obligated to do so (this means only by court order!!).
So you can still read other people’s messages? Either way, they won’t challenge the court order. So much for the fight for the legal right to privacy.

We do not retain any user information other than what you provide during registration.
Unfortunately, this information includes my name and place of residence (I think you can throw in fictitious ones, but still…).

Safe-Mail.nl does not have a real privacy policy, so we can only navigate by the snippets of information given above and one section of their FAQ - What are you recording? - which reads:

The entire Safe-Mail system uses different log files that we need to refer to in case of problems with the system. This is called maintenance and is necessary to keep our Safe-Mail system in good condition. We are well aware that the idea that your anonymity is in fact incomplete makes you uncomfortable, but we also cannot say that we are not recording anything. But we are convinced that journals of seven days or more are useless to us. Especially if they contain service information. Therefore, we decided that all records with “specific” information will be deleted from the server after 7 days. The log files only take up extra space, and we want to save it for more important purposes. But this does not mean that you can use the system for unfair purposes. There are rules, and we think that you all know what those rules are. We fight for privacy here, but we do not encourage illegal acts. Please think carefully before using the Safe-Mail system.
Quite vague - remember that innuendo is a cause for alarm - but “specific” data (whatever that means) seems to only last 7 days.
The free account does not support email programs. But they accept bitcoin, so theoretically you could have an anonymous account with client software support. Even with a free account, you can download an S/MIME certificate for end-to-end encryption, but unlike PGP, you have to rely on the authenticity of the certificate here - similar to SSL.
Maybe I’m being a little unfair to this provider - but if there are completely FREE servers with software support - that also don’t ask for your real name - and will REALLY try to keep you private - it’s worth using them.
 