Practical Privacy — ProtonMail

On a quiet, Sunday morning, do you ever find yourself recalling back to the good old days of Microsoft Outlook Express, pining for the experience of entering in strings of SMTP and POP3 settings, and scheduling weekly backups of e-mail content and contacts?

Of course not, it was terrible, and the world of webmail is faster, easier, and better in almost every conceivable way. Services like Gmail and Outlook.com have spoiled us from a user experience perspective, but in the process, we’ve also traded away one of the strongest benefits of local e-mail storage: privacy. While utilizing a webmail service for your e-mail needs will, by its nature, remove some level of privacy assurance, one can certainly do better than using webmail providers that scan your e-mail to serve you ad content, or are beholden by local legal requirements to turn over your e-mail upon request by government agencies.

Enter: ProtonMail

Just in case you forgot how truly awful this was…

What Is ProtonMail

ProtonMail is a secure webmail service that was founded in 2014 at CERN (the birthplace of the World Wide Web and possibly black hole monsters) by Andy Yen, Jason Stockman and Wei Sun. Its initial popularity proved so high that within three days of taking the service live, the trio were forced to suspend beta registrations while they increased server resources. To help offset costs, the ProtonMail team started an Indiegogo campaign, with the hopes of raising $100,000; the result was $550,377 from over 10,000 donors.

In March of 2016 ProtonMail refreshed their webmail interface, as well as introducing apps for both iOS and Android, and as of 2018 they can boast over 3 million users.

ProtonMail has a web interface, along with apps for both iOS and Android.

How This Helps With Privacy

ProtonMail implements secure end-to-end encryption of messages, utilizing a combination of public-key cryptography and symmetric encryption protocols. All of these security technologies help ensure that your private data stays private. More importantly for privacy though, is what your webmail host does (or does not do) with scanning and reading your messages. While Google no longer scans your email to serve personalized ads, it still scans the information to provide personalized information about directions, flight reminders, and more. Additionally, Google still allows 3rd-parties to scan your email for similar purposes.

Due to how and when email messages are encrypted on their system, the ProtonMail developers are unable to access the data in your messages. Combined with the fact that Switzerland tends to have more consideration of privacy rights regarding sharing of private data to begin with, your personal data is more likely to stay private for both technical and legal reasons.

Swiss email account is the new Swiss bank account.

How To Get It

Creating a new account on ProtonMail is very easy, and should take only a few minutes:

  1. Go to the ProtonMail homepage and choose “Sign Up”.
  2. Choose either a free or paid account. If you choose a free account, you can upgrade to a paid account with extra storage and more daily emails allotted. You should certainly consider a paid tier, as it helps support the service. Remember, if you aren’t paying for the product, you ARE the product.
  3. Find an open email account name, create a password, and create your account.

That’s it! You’ll be off and running with a secure webmail service that doesn’t (and can’t) access your private data. Don’t forget to grab the iOS or Android app for email on the go!

ProtonMail, proudly made (and conveniently legally protected) in Switzerland.

Alternative Options

As stated earlier, any time you rely on a 3rd-party to handle your email, you are always giving away some level of guarantee that your private data won’t be accessed. Unless you want to go back to a world of email clients and POP3 settings, if you’re trying to avoid using a 3rd-party webmail service, you’ll likely have to set up a VPS and install your own webmail software. A few options include:

Setting up your own webmail service is not for the faint of heart though, and will likely be one of the more complicated “practical” privacy exercises you’ll venture on (though my next article about running your own streaming music service will give that notion a run for its money).

This is literally step 6 of installing your own webmail service.

Parting Thoughts

When writing the Practical Privacy series of articles, I often find myself trying to find distinctions between security and privacy, and those two lines certainly blur together a lot when the discussion turns to webmail. Services like Google’s Gmail do a fantastic job with security, but due to the nature of Google’s business model, not to mention their geographical location, their service will likely always be at odds with ensuring your private data stays completely private. Moving to a service like ProtonMail isn’t a 100% guarantee that your privacy will be respected, but it certainly puts you in a much better position.

Hopefully you enjoyed this article! To get some more great Practical Privacy tips, check out my other articles!