Complete Email Privacy Guide

Your email address reveals more about you than you might realize: **What Your Email Exposes:** - Your real name (for most email formats) - Your employer or school (for work/edu addresses) - Your approximate age (from creation date) - Other accounts you use (via password resets) - Your communication patterns - Your contacts and relationships **How Email Is Used Against You:** - Password reset links sent to email can account takeover - Marketers use email to build profiles - Data brokers use email to aggregate information - Hackers target email for account recovery exploits - Email leaks expose other accounts **The Email as Master Key:** Your email is often the master key to all your online accounts. If someone gains access to your email, they can: - Reset passwords on other accounts - Receive two-factor codes - Access personal and financial information - Impersonate you to contacts Protecting your email is one of the most important privacy steps you can take.

**Top Secure Email Providers:** **ProtonMail** - End-to-end encryption by default - Based in Switzerland (strong privacy laws) - No personal information required for free accounts - Open source apps - Self-destructing emails - Cannot be compelled to provide data they don't have - Free tier: 1 email address, 500MB storage - Paid: $48-96/year for more features **Tutanota** - End-to-end encryption by default - Based in Germany (strong privacy laws) - No personal information required - Open source - Encrypted subject lines - Affordable: $1.20-4/month - Free tier: 1 email address, 1GB storage **Mailfence** - Based in Belgium - End-to-end encryption - Digital signatures included - Free tier available **StartMail** - Based in Netherlands - Privacy-focused - $39.95/year **Disroot** - Privacy-focused, non-profit - Donation-based - Based in Netherlands **If You Must Use Gmail/Outlook:** - Enable two-factor authentication - Use an alias for your real name - Never use it for password recovery on important accounts - Regularly review connected apps - Consider it your "throwaway" email

**Step 1: Choose Your Provider** Based on the comparison above, select a provider that meets your needs. ProtonMail and Tutanota are the most popular choices. **Step 2: Create Your Account** - Use a pseudonym if possible - Don't use your full legal name - Don't use your birth year in the email - Create a strong, unique password - Use a password manager to store it **Step 3: Enable All Security Features** - Two-factor authentication (if available) - Login notifications - Recovery codes (save these securely!) - Encrypted contacts **Step 4: Import or Start Fresh** - Option A: Import old emails (may expose old data) - Option B: Start fresh (cleaner slate) - Consider keeping old email for existing accounts - Use new email for new registrations **Step 5: Create Multiple Identities** - Personal email - Professional email - Shopping/registrations email - Each serves a different purpose and compartmentalizes your data **Step 6: Share Selectively** - Don't post your new email publicly - Give it only to trusted contacts initially - Use aliases when possible (see next section)

Email aliases are unique addresses that forward to your main email. They're one of the most powerful privacy tools: **Benefits of Aliases:** - Track which companies sell your email - Disable compromised aliases instantly - Keep your real email private - Create unique addresses for each service - Reduce spam to your main inbox **Email Alias Services:** **SimpleLogin** - $30/year or $3/month - Unlimited aliases - Open source - Based in France - Can self-host **AnonAddy** - Free tier available - Open source - Unlimited aliases on premium - Based in Australia **Firefox Relay** - Free tier: 5 aliases - Premium: $1/month for unlimited - Integrated with Firefox **DuckDuckGo Email Protection** - Completely free - Unlimited aliases - Browser extension available **Blur (Abine)** - $39/year - Masks email and phone - Password manager included **ProtonMail Alias Feature** - Available on paid plans - "Catch-all" for custom domains **Best Practices:** - Create unique aliases for important accounts - Use descriptive aliases (amazon@yourdomain.com) - Regularly review alias activity - Disable unused aliases - Never share your real email publicly

If you can't switch providers immediately, secure your existing email: **Immediate Security Steps:** 1. **Enable Two-Factor Authentication** - Use an authenticator app (not SMS if possible) - Enable 2FA on email first, then other accounts - Generate backup codes and store securely 2. **Review Account Activity** - Check login history - Look for unfamiliar locations or devices - Review connected apps and permissions - Remove anything you don't recognize 3. **Check Forwarding and Filters** - Look for unauthorized forwarding rules - Check for filters that move emails - Remove anything suspicious 4. **Review Recovery Information** - Ensure recovery email is secure - Update recovery phone number - Remove outdated recovery options 5. **Check for Account Delegation** - Gmail: Check "Grant access to your account" - Outlook: Check "Delegates" - Remove any unauthorized delegates **If You Suspect a Compromise:** 1. Change password immediately 2. Revoke all app passwords 3. Enable 2FA 4. Check for unauthorized forwarding 5. Contact provider support 6. Alert your contacts about potential spam

Encrypting your emails ensures only the intended recipient can read them: **Types of Email Encryption:** **End-to-End Encryption (E2EE):** - Only sender and recipient can read messages - Provider cannot access message content - ProtonMail and Tutanota use this by default - Requires both parties to use compatible systems **PGP/GPG:** - Open source encryption standard - Works with any email provider - Requires key management - Steep learning curve - Tools: GPG4Win, GPG Suite, Enigmail **S/MIME:** - Corporate encryption standard - Requires digital certificates - Easier to use than PGP - Certificates cost money **When to Encrypt:** - Sensitive personal information (SSN, financial) - Passwords or access codes - Confidential business information - Legal or medical information - Communications with lawyers/doctors **Easiest Solution:** Use ProtonMail or Tutanota for sensitive communications. Both handle encryption automatically when communicating between users of the same service.

**Local Backup Considerations:** **Pros:** - Access without internet - Protection against account closure - Searchability across all emails **Cons:** - Data exposed if device is stolen - Takes up significant storage - May contain sensitive information **Secure Backup Practices:** 1. **Encrypt Local Backups** - Use encrypted disk images (Mac) or BitLocker (Windows) - Encrypt backup drives - Use strong encryption passwords 2. **Use Secure Email Clients** - Thunderbird (open source, local storage) - Outlook (careful with cloud sync) - Apple Mail (integrates with Keychain) 3. **Consider Sensitive Content** - Don't back up highly sensitive emails locally - Store sensitive data in encrypted notes instead - Use secure messaging for sensitive communications 4. **Regular Cleanup** - Delete unnecessary emails regularly - Empty trash frequently - Archive old emails separately **Cloud Backup Caution:** Email backups in cloud storage (Google Drive, Dropbox) increase your exposure. If you backup emails to cloud storage, ensure the backup itself is encrypted.

Emails often contain tracking mechanisms: **Common Tracking Methods:** **Tracking Pixels** - Tiny invisible images in HTML emails - Tells sender when you opened the email - Can reveal your location via IP - Block by disabling images in emails **Link Tracking** - Links are redirected through tracking servers - Tells sender which links you clicked - Hard to block without breaking functionality **Metadata** - Email headers contain information - Can reveal IP address, location - Minimal in modern encrypted email **How to Block Tracking:** **In Your Email Settings:** - Disable automatic image loading - Disable link previews - Use plain text mode when possible **Browser Extensions:** - Ugly Email (Gmail) - PixelBlock (Gmail) - Tracking Blocker extensions **Client Choices:** - ProtonMail: Blocks tracking pixels automatically - Thunderbird: Can disable remote content - Apple Mail: Privacy protections built-in **Best Practice:** Never enable images or tracking pixels from unknown senders. Only enable for trusted contacts when necessary.

**Immediate Actions:** ☐ Enable two-factor authentication on all email accounts ☐ Review connected apps and remove unnecessary ones ☐ Check for unauthorized forwarding rules ☐ Review account activity for suspicious logins ☐ Update recovery information **This Week:** ☐ Sign up for a secure email provider (ProtonMail/Tutanota) ☐ Create email aliases for new registrations ☐ Disable automatic image loading in emails ☐ Set up separate email accounts for different purposes ☐ Share your secure email with trusted contacts **This Month:** ☐ Migrate important accounts to secure email ☐ Set up encrypted email for sensitive communications ☐ Audit all accounts using your email ☐ Create a secure backup of essential emails ☐ Review and update privacy settings **Ongoing:** ☐ Regularly review email aliases and disable unused ones ☐ Monitor for data breaches involving your email ☐ Be cautious about sharing your email address ☐ Use aliases for one-time registrations ☐ Regular security audits of all email accounts