“I have the impression my email is being read”
I have lost count of the times this exact phrase was repeated to me.
What makes email users assume that their emails and accounts are private if the protocol doesn’t ensure anything related to privacy when they press the compose button?
People tend to assume something private as long as the communication is established in a binary relation. Users don’t assume emails to be private in group emails but they fall back to this mental illusion when emails are being sent to one person alone. Worse: when the emails go back and forth in a “chat” style, people feel like they are in an intimate conversation that no one will ever find. THINK AGAIN.
Also, users assume that their emails accounts are safe from prying eyes. That no one is able to read what they’ve written and that keeping a good password is all that is needed for privacy in email. DON’T THINK YOUR EMAIL IS SAFE. Your company is the owner of the email server. Assume every email you send and receive as public communication.
Start treating email as a conversation held in a PUBLIC SQUARE with people walking by. 99% of the people will not listen to a single word of your conversation, but some will, and some will use that information AGAINST YOU.
If you are in a public square and you need to talk “privately” you need a code. A cypher that only you and your counterpart know and can use. In email the only way to be sure YOUR COMPANY (or the police/dictator/google/ad company) DOESN’T READ YOUR EMAIL is to use encryption — PGP, or GPG in it’s open source implementation. USE IT, LEARN TO LIVE WITH THE HURDLES OF ITS DAILY USE. Only then can you be assured of not being pried of your privacy rights like a PIG IN A SLAUGHTER HOUSE.
Using PGP is not straightforward I concede to that — but many things in life aren’t — and you cannot send a secure email to someone that doesn’t want to setup a PGP public/private key. But you can incentivise more people to use start using it. FIRST STEP TO SOLVE A PROBLEM IS TO RECOGNISE YOU HAVE A PROBLEM.
Add a line like this to all your email signatures:
PLEASE TREAT ALL EMAILS YOU SEND AS PUBLIC
IF YOU NEED FULL PRIVACY USE PGP ENCRYPTION
MY PUBLIC KEY/ID IS 517F6E08
More people think that their communications aren’t safe. They need to be protected from eavesdroppers while speaking in public squares. We don’t need Get Smart’s privacy bubble, but software exists that allows us to ensure high levels of privacy. We just need to stop being LAZY.