Everything you say is true, but your scales of application are roughly equivalent when the opposite is true. An email is visible to anyone intercepting the email whereas an envelope has to be physically opened before it gets to you. The crucial difference is that digital security relies on gateways at hosts whereas envelopes rely on a physical barrier in transit. There is no physical or digital barrier on the internet when your data is in transit except encryption.
Encryption protects byte data while in transmission but usually not when it’s stored in a server to which you and any good hacker has access. Encryption is recommended and popular precisely because emails (and search data) are not secure end to end, and a copy exists at both ends.
No snail mail is vulnerable in the same way as byte data. While it’s in the possession of a courier and when it gets to you, you can be fairly sure that it’s the only copy and it hasn’t been opened on route. An email is usually stored in end to end servers and a copy can be downloaded at almost any node it passes through.
Normal platforms use a single password for you to access your account and your data is stored in a single database with full access to the host because most hosts rely on mass surveillance to generate income or on your accessing privileged information in general. What you store, who your sharing access with, what you’re accessing and even why, along with repeatedly uploaded private personal information is all accessible to hosts not just because that’s how they make their money, but also because that’s the structural reality of hierarchical file tree type databases.
My platform design (Wyrdom) stores data as well as access to data in locked private modules assembled and accessed on an anonymously numbered 3D locata-base, not a common hierarchically named database. Since modules contain hyperlinks to origin servers as easily as actual content but the locked modules are stored in a locata-base the content is quarantined from the platform. In the same way as an envelope based postal system works the locata-base is managed by the platform, but the content is privileged data managed by the users of modules. Like a postal system the management of the locata-base is independent of your content, whereas a normal host like Facebook is entirely dependant on your content, which becomes its content since it is a publisher not a deliverer.
Every module on Wyrdom is a locked entity to which only you and the people you share it with have access and the security relies on a dual password so you can also deny access by removing the other person’s username as need be. (Something you can’t do with email.) Because your content is not in a common database Wyrdom effectively decentralises your browser into as many modules as you want to manage and it puts a limitless number of locked barriers between the open internet and your browser. This re-decentralises the web into many webs by turning your single browser into a limitless number of proxy browsers each individually secured and distinctly accessible by whoever you choose for each web you create. This recreates in a digital environment the reality of how a physical postal system works, but because its digital you can make continuously adjustable webs of contacts rather than one way or returnable letter deliveries.
The Wyrdom platform does not have instant access to the content so there is no general mass surveillance of a common database. The platform can access modules via a user’s account but only with a court ordered warrant so there is simply no comparison to being able to sell your content or your browsing habits to advertisers or governments as on all current platforms.