From hackers to businesses and overreaching governments, many people are looking to snoop on our communications. Free email providers surreptitiously use software to mine information from your emails and contacts to sell you ever more targeted advertising.
If you’re fed up with this state of affairs and want to secure your communications from prying eyes, it might be worth choosing a secure, encrypted email service instead.
1. ProtonMail
Price: Free. Premium accounts available.
Storage: 500MB. Up to 20GB for premium accounts.
Country: Switzerland
ProtonMail first launched in 2013 and was developed by researchers at CERN. Following a successful crowdfunding campaign, the open source, encrypted email provider exited beta in March 2016. ProtonMail uses end-to-end encryption so that messages are only viewable by you and the recipient.
Although there are premium options, many of the service’s users are on free accounts. It is reasonable, then, to consider how they can sustain the service without leaning on targeted advertising. Fortunately, the company operates a Defence Fund which can support the service for up to a year without any other revenue.
Why ProtonMail?
All data is stored on the company’s servers in Switzerland—a country well known for its tough stance on privacy and data protection. Importantly, ProtonMail has open-sourced parts of their service. The code is available on ProtonMail’s GitHub for anyone to view and verify the security of the platform.
Although emails to and from other ProtonMail users are end-to-end encrypted, if you communicate with unencrypted services like Gmail, ProtonMail will scan these emails to protect against spam. However, these messages are scanned in memory, meaning that they aren’t kept and will be overwritten in very little time. As soon as the email has been examined, it is then encrypted. If all this talk of encryption is getting confusing, you may want to read up on encryption terms you should know.
According to their Privacy Policy, IP logging is disabled by default, although you can turn this on in your account settings. Your IP address can reveal your location, so the lack of logging is a benefit to your privacy.
ProtonMail also doesn’t store any of your data once it’s deleted. If you delete an email, it’s really gone. The only exception is when the data has been stored in a backup, in which case it may take up to 14 days to be entirely removed. There is no need to submit any personal information while signing up. The company will even allow you to pay for premium accounts in the cryptocurrency Bitcoin.
ProtonMail’s parent company, Proton Technologies AG, also develops ProtonVPN, a multi-platform VPN. Similarly to the email service, ProtonVPN offers free and premium tiers. Some ProtonMail premium accounts also come with access to ProtonVPN’s premium features. We even listed ProtonVPN as one of the best unlimited free VPN services.
Download: ProtonMail for Android | iOS | Web (Free)
2. TutaNota
Price: Free. Premium accounts available.
Storage: 1GB, upgradable.
Country: Germany
Tutanota was launched in 2011 by the German company Tutao GmbH. The service’s name comes from the Latin for secure message. It should be no surprise then that Tutanota is a free encrypted email service. Their servers are also based in Germany, making them subject to Germany’s rigorous Federal Data Protection Act.
While that sounds great in theory, it’s also worth noting that Germany’s Federal Intelligence Service collaborated with their American counterparts, the NSA, in their surveillance programs. While that impacts all data held in Germany, there’s no suggestion that Tutanota has ever been complicit. However, for the privacy-focused, it is worth keeping in mind.
Why Tutanota?
Like ProtonMail, Tutanota uses end-to-end encryption to ensure the privacy of your emails. Where things differ slightly is in how the service handles external emails. If you send a message to another email service like Gmail, Tutanota sends a link to a temporary account where the recipient can view the message.
Tutanota is open-source too, with the code available on the Tutanota Github page. All data stored in your inbox is encrypted, with only metadata like sender, recipient, and date visible. However, their FAQ states that they are looking into encrypting metadata too.
The company uses 2048-bit RSA and 128-bit AES encryption methods. However, they do not support PGP; a feature often used to judge secure email providers. That said, they believe their encryption offers advantages over PGP, like encrypting the subject line. There’s also room for them to build more encrypted services in the future, like cloud storage and a calendar.
According to their Privacy Policy, they do collect mail server logs. Although these are only kept for seven days, they do contain sender and recipient email addresses, but no customer IP addresses.
While you can open a Tutanota account for free, they too offer paid-for options. A Premium account costs just 12€ per year and allows you to add an additional user, use up to five aliases, and enables support for custom domains.
Download: TutaNota for Android | iOS | Web (Free)
3. Mailfence
Price: Free. Premium accounts available.
Storage: 200 MB of emails, 250 MB of documents as standard.
Country: Belgium
Mailfence is a free secure email service from the creators of ContactOffice. Following the Snowden revelations documenting US government surveillance, ContactOffice felt there was a need for a privacy-focused email service.
Their servers are in Belgium, and, as with many European countries post-GDPR, the country has strong privacy laws. These regulations usually favor the consumer rather than the company, strengthening protections. Unlike some countries—namely the Five Eyes nations—there is no evidence to suggest Belgium collaborated in the NSA surveillance schemes.
Why Mailfence?
One concern when choosing a new digital service is whether it will remain operational for years to come. ContactOffice was started in 1999, and so the company has proven longevity. They also earn operational funds for Mailfence by licensing the software to businesses. To do so, they need to keep their software proprietary, so, unfortunately, Mailfence is not open-source.
Unlike the other services in this list, Mailfence is more than just a secure email provider. An account also provides access to calendars, contacts, and document storage. Free accounts come with storage space for 500MB of emails, 500MB of documents, and one calendar. Entry and Pro accounts upgrade this storage and add additional features. Bolstering their privacy-focused credentials, you can even opt to pay for your account using Bitcoin.
Disappointingly, there is no Mailfence mobile application. However, the company has stated one has been in development since at least 2017. If this is a deal-breaker, you could send encrypted email on Android using OpenKeychain instead. For the time being though, if you want to manage your Mailfence mail on your smartphone, you’ll need to pay for a premium account. This gives you access to Exchange ActiveSync, POP, IMAP, and SMTPS.
Mailfence is end-to-end encrypted and supports OpenPGP. You can generate a key on your computer which is then encrypted using 256-bit AES and stored on Mailfence’s servers. They also support two-factor authentication to prevent unauthorized access to your account.
Taking a stand for your principles is admirable in itself, but alongside that ContactOffice donates 15 percent of the income from their Pro plans to the pro-privacy organizations. Currently, donations go to the Electronic Frontier Foundation (EFF) and the European Digital Rights Foundation (EDRi).
Download: Mailfence for Web (Free)
The Most Secure Email Providers
Many free email providers don’t take steps to protect your privacy, or they even take steps to undermine it. Switching to an encrypted email account is a change worth making. When choosing, it’s essential to evaluate the provider on their encryption methods, how they finance the service, and where the servers are located.
Of course, no online service is entirely secure, no matter the ethics of the provider. There will always be hackers and surveillance agencies looking to expand their ever-growing databases. To increase your security, don’t forget the basics. That’s why you may want to consider improving your cyber hygiene too.
Read the full article: The 3 Most Secure and Encrypted Email Providers Online
Read Full Article
No comments:
Post a Comment