Cleanse

Day Four: Secure Your Email

Generic mail app logo
You've Got Mail! All over the place! (Credit: Wikimedia Commons)

Which Email Should I Use ...For What?

I often get the question, "What do you use for email?" I never know how to answer that question. To me, it makes as much sense as "What do you eat for lunch?"

The correct question is, "Which email should I use for what?"  Not just because I have a lot of different email addresses, but because my choice of services is based on what I'm doing on the internet. Shopping? Getting a doctor's appointment? Banking? Setting up a subscription? Buying tickets?

We don't usually think of email like this. That's because it's the original "platform," the do-everything, the one-stop-shop. And companies rely on that single email address to target you.  Remember how a single element in common--like an email address field-- can link two datasets together and identify you? You have to break this party up.

Today, we're going to start a long process of managing email, various accounts and addresses.  You are going to Balkanize the heck out of your email over the coming days.

First, you are going to get a more secure everyday email account. You are going to make it even more secure by signing up for a service that gives you lots of different masks for your email account.

Hopefully you are also going to get an even more secure email account. You will use this for certain activities that you absolutely want to protect to the highest level. 

In other words, you are not going to have one email address anymore. You are going to select the right email address for the occasion, based on the activities you use your email for, and your threat model for each one.

What's a Threat Model?

The other question I get, more from the information security crowd, is "What's your threat model?" A threat model is a technical term that basically encapsulates the thing you are trying to guard against on the internet. Imagine the worst things that could happen to your data online: from Big Bad Hackers taking your stuff to identity theft, revenge porn, the government targeting you, or maybe your partner finding your emails to your lover. 

A threat model makes a lot of sense if you have a monolithic amount of data you want to protect, say if you're building Fort Knox. Then your job is to identify threats and safeguard against them. But for everyday people interacting online, not everything we do needs a Fort Knox. Every activity comes with a different set of concerns, some with few to none at all. We might even look strange or out of place if we had absolutely no visible data trail.

My perspective on this is that there is a base level of protection we need to ensure across all accounts and services. This is higher than most people admit or perform to, and certainly something that you should adopt moving forward without delay. We're going to heighten your baseline up to this level. That doesn't mean you have to get into elite hacker mode for everything, but we can all do better than Gmail.

Again along the "don't put all your eggs in one basket" philosophy, though, you'll want a range of options to accommodate more intimate, sacred, private, or simply civic activities that you want to shield from intrusion as much as possible. Banking and finances, political donations or records of activism, photos of your kids naked in the bath -- these deserve the Fort Knox treatment. Weekly spam email from the place where you bought a kazoo six years ago on a night out in New Orleans? Not so much.

Work with your Data Roadmap

Start by taking a look at your Data Roadmap. How many entries are email services? And what do you use them for? Chances are you have at least one email address for home, and perhaps one for work. You may have other accounts lying around too.

Now think about your everyday life. Which general groupings of activites do you use those email accounts for? And for which of those activities would you appreciate an even more heightened degree of security?

For each entry with an email account, expand the Notes field and add a few lines that separate each of those activities. Your list may look something like this:

NameDescriptionUse it forSecurity need
GmailPrimary email addressShoppingMedium
  Kids' activitiesHigh
  Mailing list notificationsLow
  Correspondance with friends and familyHighest
  Political participationHighest

You should end up with between 3 to 5 levels of security. The absolute baseline I'd recommend is three, which will translate into three email accounts: one throwaway account that is mostly for spam and mailing lists, one that's for general correspondance, and one that's for private, intimate, sensitive, or encrypted materials.

(If you have a work account, that makes four. Keep that absolutely separate from personal if at all possible. Assume your boss could read it if they wanted to.)

As you do this, resist the urge to think everything is not-that-sensitive. I've heard it before: you're a good citizen, you have nothing to hide! The right to privacy isn't the  same thing as "hiding." And actually, being a good citizen means you should keep some thing private.

Democracy relies upon the ability to keep certain activities private: our religious and political persuasions, for instance. Maintaining relationships requires keeping certain secrets, upholding appropriate levels of intimacy among family, friends, lovers.

And what is "sensitive" information shifts under new political contexts. Recall that German Jews in 1920 were considered citizens and lived openly as doctors, lawyers, butchers or shoemakers; only a decade later, this same identity was a death mark for millions of people (as it also was for LGBTQ people and the Roma).

When in doubt, aim for higher levels of security. It's okay, I won't fault you for it.

Task #1: Get New Email Accounts

With your list in front of you, you are going to sign up for at two new email accounts today.

One email account will be a general replacement for that medium-through-high threat level. We will still make sure this email account has a relatively high level of security, though. No reading your mail to generate AI or ads--so that means no Google, Microsoft, or Yahoo.

(My only exception to this rule is: you may keep one of those accounts open but you will only ever use it for spam, and the address must not include your full real name.)

The second email account will be your extreme privacy replacement. You will use this for high to highest threat level, and most intimate relationships. You will only give out the account's actual address to your closest friends, and otherwise you will use masks and aliases with this account as much as possible. (I respectfully suggest religious, sexual, or political activities all require this level of protection.)

Here are some options, listed from most to least privacy protective. Many are based in Europe, where the GDPR provides stronger data privacy protections. Many of them also offer built-in contacts, calendar, or other file storage and sharing situations. Some require access through a browser or specialized app, while others can be added as an IMAP acount to any mail application you use on your computer. Since your mileage will vary, check them out and see what you like.

  • Protonmail: Based in Switzerland, privacy centric, with masking built in.  This is, in my opinion and that of many others, the best and most secure option for highest threat level protection, with the most options, including legal protection from neutral Switzerland. Only accessible through their own app or website. There is a free account option.
  • Mailfence: Based in Belgium, privacy centric, end-to-end encryption built-in. Includes calendars, contacts, and documents.
  • Tuta: Based in Germany, with a mail, calendar, and contacts built in. They encrypt your inbox and strip your IP from message headers.
  • Startmail: Based in the Netherlands (they also make the Startpage search engine)
  • Fastmail.fm: Based in Australia, Fastmail.fm is a good, reliable, general purpose account that does not scan your emails for their purposes. They also include masking, aliases, and calendaring.
  • Mailbox.org: Based in Germany, another good general purpose option, with more than basic privacy built in.
  • Zoho.com: Based in India, also does not scan your emails or use your materials for their purposes.
  • icloud.com: Okay, so many people have Apple accounts, and Apple has been very pro-privacy (and cagey about what they're doing about A.I.). These are likely fine for low threat activities but I would not put anything sensitive on their servers.

You may wish to create a personalized email account with your own domain name hosted somewhere like ionos.com or bluehost.com, or even serve your own email from your basement. But with the Big Tech companies owning so much of the email marketshare, they've been making changes to email protocols that largely shut out smaller domains by marking their messages as spam. So I don't recommend this for beginners, unless you want to stay on top of that moving target. Also hosting prices vary year to year and can get expensive quickly, so they typically only make sense if you are running lots of websites and addresses.

Finally, please note, you will pay for email. You will not pay a lot for email ($1-$5 a month), but you will pay something.  As a result, you will not be the product: you will be the customer. That is an important transition.

If you cannot afford two paid email accounts, I recommend you pay for one high security account, and make sure you use masking religiously. Or add the free version of proton.me for only highest security tasks.

Tomorrow, we'll work on Task #2: Masking!