Opinions_which low cost email providers have best privacy policies

Discussion in 'privacy general' started by phkhgh, Jan 4, 2020.

  1. phkhgh

    phkhgh Registered Member

    Aug 17, 2007
    I say, "best privacy policies," because several I've researched have great sounding marketing spin. A lot of paid providers are just a step or 2 above Gmail or Yahoo.

    If anyone has experience with some providers that allow users to be as private as reasonably possible (to not wind up running a spamming service), that don't have a lot of negatives for privacy or encryption, I'd appreciate some names.

    If you read their legal policy and / or read in depth reviews, the "legal" document often doesn't sound so great.

    Runbox - I've read a good bit on them. Several articles say they "require" your real 1st / last name."
    Unless using a CC or other method w/ a name, how will they know if it's real?
    In their PP, I didn't see requiring a real name. They accept cash & bitcoin.

    They say that the none of the data collected (including full, legal name?) is sensitive by definition of the law, so not subject to notification to Norwegian Data Protection Authority (DPA).

    But then they say, "You may access and update this information at any time in the “Account” section..."
    So, you give a real name at sign up, then change it in your settings?? That didn't make sense.

    They also say, "data associated with Webmail, Contacts, and Files ... is stored ... in Norway for as long as your account is active"
    They keep every email & attachment for as long as the acct is open? That doesn't sound right.

    Proton Mail - They have some good features, but some "methods" I'm not so sure about, if you're concerned with more than scanning mail to deliver ads (they don't).
    They say, "It is not necessary to provide personal information in order to create an account, ...", but mention giving a recovery email (doesn't need a name), or
    "You may be asked to verify using either reCaptcha, Email, or SMS." Yeah, I'll give 'em my number.

    Apparently don't trust users to store their own private PGP key. Another kind of sticking point. I've read the encryption is done on your browser, using JS (JS use is unconfirmed). If so, doesn't seem like a good mix. A link to formal evaluation of Proton's cryptographic design. https://eprint.iacr.org/2018/1121.pdf, which I'm wading through.

    To use email clients, you have to install their software, "the bridge." "ProtonMail Bridge is an application for paid users that runs on your computer in the background and seamlessly encrypts and decrypts your mail as it enters and leaves your computer."

    I haven't found technical description of the Bridge; if open source or the method. If it isn't OSS, that's not the best method. Why not just use GPG (linux) or PGP - by itself, like most other providers? The GNU/Linux Bridge app (which I'd need) is currently in beta.

    For times I used encryption, I might be more worried about a 3rd party, closed source app running the encryption show.

    They also accept PayPal, Anonymous cash or Bitcoin payments.
    Last edited by a moderator: Jan 5, 2020
  2. digmor crusher

    digmor crusher Registered Member

    Jul 6, 2012
    If you use the internet nothing is private, unless your working for a 3 letter agency you don't need to pay for email service.
  3. Soft Life

    Soft Life Registered Member

    Aug 10, 2018
    United States
    Tutanota - Free Secure email is one to consider.

    I use Runbox and love it. It has two factor you can use to lock it down either with one time passwords or google authy. Under the hood it has so many options and plus you get 100 aliases with your purchase. I'll never leave it. I chose to not have any back ups made of my emails. You just have to email them to tell them.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.