It's 2022. We live in a world where privacy is increasingly becoming more valued by the average citizen. With data breaches and privacy scandals happening left and right, people are starting to realize that they need to take more precautions when it comes to their data. And one of the first steps in doing this is by ditching Gmail, an email provider that has admitted to reading your private emails for advertising purposes!
This blog post will discuss the limitations and shortcomings of Gmail, including the encryption Gmail uses, the risk of being hacked, and Google reading your private emails for advertising purposes!
Being the most popular email service, you probably made your Gmail account without considering any alternatives—and why should you? Does it matter what email provider you use, as long as they send and receive emails?
The answer is yes. Gmail, unlike other privacy-focused email providers, does not fully encrypt their emails, meaning that your email conversations are at a higher risk of being breached.
Now make no mistake, Gmail (and almost every email provider) does provide some level of encryption to their emails.
Specifically, Gmail supports Transport Layer Security (TLS) encryption, meaning the content of your emails are secured during the sending and receiving process. This does help protect your emails from being highjacked by a third-party while being sent, but it’s far from perfect.
TLS is not an end-to-end encryption, where only the receiver and sender are able to read an email through the entirety of its existence.
And because these email providers do not encrypt emails after they are received, anyone that gains access to their server has the ability to see your emails. So if Google is ever hacked, your private emails will be exposed to a potential data breach.
Additionally, this is why Google was able to use bots and read the personal emails of its users for the purpose of improving their advertisements. Because emails in Gmail just sit in inboxes fully unencrypted, Gmail had complete access to the contents of said emails.
And, as we know, Google is not the only company that has been caught reading private emails.
Yahoo, another commonly known email provider, was caught extracting data from personal emails in order to sell to advertisers.
In general, non-privacy focused email providers lack thorough encryption, which provide opportunities for them (and others) to read your personal emails, which by itself is concerning (and invasive)—but the issue is even more than that.
When using TLS encryption, your emails are still exposed to the following privacy concerns:
· MiM (Man-in-the-Middle) Attacks: Your email is still vulnerable during the email sending process depending on certain outside variable. TLS does combat some of this, however there are still holes.
· High Latency: Emails sent using TLS will have a higher latency on average, meaning your email is vulnerable for a longer duration of time.
Additionally, TLS requires both parties (the sender and receiver) to both be using an email provider with the same TLS encryption method to work. So regardless of the security of your emails, if the person you are sending to/receiving from doesn’t have TLS, then the entire encryption falls apart.
So what's the alternative? Yahoo, Outlook, or AOL?
No, it's an encrypted email provider.
Contrary to the likes of Google and Yahoo, encrypted email providers ensure your emails have encryption even after they are received. This means that even if your email provider is breached, the hackers won’t be able to access your emails.
This is typically done by scrambling the contents of your emails not only during the duration of the sending process, but also in the inboxes of the involved parties.
Below is a list of privacy-focused email providers that are generally better than the standard email providers:
While there are some downsides with privacy-focused email providers, most experts agree that the benefits far outweigh the slight issues you may run into.