What is email privacy?

Email privacy means ensuring unauthorized individuals, email service providers, or other organizations can’t read, share, sell, or otherwise exploit the personal and sensitive data in your email account.

Online privacy is different from anonymity. Privacy means keeping your personal information out of the wrong hands. When you share medical records with your doctor or a credit card with your partner, they know who you are.

Anonymity means hiding your identity. People may see what you do but don’t know who you are.

You may not need anonymity online unless you’re a journalist or political activist. But we all have a right to privacy.

However, by ticking the box to accept the complex terms and privacy policies of major free email providers like Gmail and Outlook, you effectively consent to give up much of your privacy online.

For example, the Google privacy policy(nieuw venster) describes the reams of personal data it collects from you, tracking your every move as you use Gmail, Google Search, YouTube, and other apps.

Standard email is like a postcard

Unfortunately, it’s easy for Google and other Big Tech email providers to invade your privacy in this way because email wasn’t originally designed to be secure. The IMAP, SMTP, and POP email protocols weren’t encrypted, so emails were open to be read.

Today, most big email providers, like Gmail and Outlook, use TLS to encrypt messages in transit. That means your messages are secure while being sent from A to B, but only if the recipient’s email service supports TLS.

Similarly, Gmail encrypts your messages on its servers. But Google retains the encryption keys and can decrypt your emails. So they can access your data and share it with third parties, like advertisers and governments.

Email text written on a postcard illustrating that email privacy with most big email providers is similar to that of a postcard

In short, with most email providers, your email is still more like a postcard than a letter — open to be read. It’s one reason why people are learning how to deGoogle their digital lives (stop using Google services).

Take action now: DeGoogle your life for $1

Private email is a sealed letter

By contrast, private email like Proton Mail is genuinely private because it uses end-to-end encryption. With end-to-end encryption, your message is encrypted on your device and can only be decrypted by the person you write to.

That means you control who sees your messages. No one but you and those you authorize can read them. And because Proton Mail collects no personal data linked to your identity, no one you never authorized can see, share, or sell your data.

A letter sealed with wax and string illustrating that end-to-end encrypted email gives you genuine email privacy

So end-to-end encrypted email is like a sealed letter — confidential between you and the person you send it to.

Who can read your emails?

Most large email providers, like Gmail and Outlook, retain the encryption keys to your emails to keep a backdoor into your mailbox. That means they can read your messages whenever they like.

Here’s who can read your email and how private email providers prevent them.

Email providers

Google has said that Gmail no longer reads your emails to target you with ads(nieuw venster). But later, Google let third-party app developers sift through users’ Gmail(nieuw venster).

Since then, Google said(nieuw venster), “No one at Google reads your Gmail, except in very specific cases where you ask us to and give consent”. But you never know who might access your messages and what you consent to when you sign up. And Google still scans your email to track what you buy(nieuw venster) and to enable smart features(nieuw venster), though you can switch this off.

By contrast, private email like Proton Mail uses end-to-end or zero-access encryption, meaning no one but you can read your messages stored on our servers, not even Proton.

Law enforcement

In most countries, state agencies can access and read emails, depending on the law and the information they’re seeking, although this usually requires a formal request. For example, law enforcement officials may obtain a warrant to read your emails during a criminal investigation.

If you send an end-to-end encrypted email with Proton Mail, including a Password-protected Email, neither Proton nor any other third parties can read your messages (apart from metadata).

Government agencies

A decade after Edward Snowden revealed a US global mass surveillance(nieuw venster) giving the NSA access to ordinary users’ online data, government agencies can still access emails without a warrant(nieuw venster). Moreover, intelligence-sharing agreements like the Five Eyes, Nine Eyes, and Fourteen Eyes(nieuw venster) mean governments can easily share personal data across borders.

The best private email services are in privacy-friendly countries and don’t build backdoors for government agencies. Proton Mail is based in Switzerland, which is outside these intelligence alliances and offers strict privacy protection.

Criminal hackers

Email providers can be hacked, as multiple data breaches at Yahoo(nieuw venster) and Microsoft(nieuw venster) have shown. If hackers gain access to the provider’s encryption keys, they can decrypt your emails and other sensitive data.

With private email providers like Proton Mail, your encryption keys are safely on your device. So hackers can’t read your personal data even if your provider is breached.

What email privacy means for you

Email privacy means much more than keeping your messages’ intimate contents to yourself.

Large email providers like Gmail and Outlook are called “free” but rely on invading your privacy to make money. You pay with the private moments of your life.

Google tracks every move you make using Gmail, YouTube, Google Search, etc. For example, here’s the vast trove of personal information Gmail collects from you on an iPhone:

The data Google collects from you when you use Gmail on an iPhone showing your complete lack of email privacy with providers like Gmail — The trove of private data Gmail collects from you on an iPhone (source: Gmail iOS privacy label).

Armed with this knowledge, Big Tech companies like Google build detailed profiles of you to share with advertisers(nieuw venster) and target you with ads. And in this surveillance-based economy(nieuw venster), knowledge is power: The more corporations and authorities know about you, the more they can predict and influence what you think, what you buy, or how you vote.

But you’re not powerless before the tech giants. For you, privacy is power, and using a private email service like Proton Mail is just one way you can fight back, as Dr. Carissa Véliz explains:

Carissa Véliz explains how using private email can help you block Big Tech surveillance.

Here’s what using private email means for you:

You own your personal information

Gmail, Outlook, and other big “free” email providers exploit your data for surveillance-based advertising(nieuw venster). With private email, you’re in control. You decide what happens to your data.

Protect your digital identity

Email is an essential part of your digital identity that is used to track you across the web and offline. Private email uses aliases, enhanced tracking protection, and advanced security to keep your identity and data confidential.

Beat data breaches

Email providers can be hacked. Private email uses end-to-end encryption and zero-access encryption, so your data remains unreadable even in a data breach.

Block government surveillance

Snowden revealed how the NSA and other state agencies carry out mass surveillance of citizens(nieuw venster) at home and abroad. Private email’s end-to-end encryption helps to thwart blanket surveillance programs.

Defend your freedom

Email should be a private space where you can say what you want and be who you want without fear of Big Tech’s surveillance-based profiling(nieuw venster). Private email frees you from the chilling effect of constantly being watched.

Safeguard democracy

The less data you give up, the less chance of being the victim of targeted disinformation(nieuw venster). Giving away your personal data to Google or other Big Tech companies can increase inequality in society and threaten democracy(nieuw venster).

Email privacy for you and all

Most email is like a postcard. We all have things we wouldn’t write on a postcard, so we all have something to hide. Only end-to-end encrypted, private email like Proton Mail is genuinely private, like a sealed letter.

Email privacy means much more for you than just keeping your intimate moments private or blocking creepy ads that stalk you across the web. Email privacy gives you the freedom to be yourself and protects your personal data from hackers, government spies, and Big Tech’s pervasive data collection.

Yet ultimately, email privacy isn’t just about you or your personal preference.

Hey, I’m not shy, and who’s interested in the boring details of my life anyway? I’m no criminal, and I’ve got nothing to hide.

It doesn’t matter who you are or what you think about privacy. In the data economy, online privacy is a collective endeavor we all need to protect our individual freedom, equality, and democracy.

That’s what gets us up in the morning at Proton: We’re working to give everyone privacy and freedom online. And that’s why we offer Proton Mail for free with no strings attached. With Proton Mail, no one but you and those you authorize can read your emails, not even Proton.

Unlike Gmail and other big email providers, we don’t collect or exploit your personal data. Our business is to do everything we can to protect it. All our funding comes from paying members of the Proton community.

So join us and protect your privacy and freedom — for you and all.