I believe that the capitalism surveillance by corporates of the likes of Google, Facebook, Amazon, Microsoft, etc should be countered with privacy based tools.
So for some time now, I have been using Tutanota email instead of the infamous Gmail service.
Regretfully the rest of the world that I know is on Gmail. So all my email communications are unencrypted and a copy of all my emails also lie on Google servers.
Is it a wasted effort from my side?
PS: my threat model is not anonymity, but privacy.
Well at the very least you’ve reduced your attack surface, since only your recipients have Gmail. Also I imagine transferring everything to Gmail and a Google account will be a lot more hassle than simply continuing to use your current setup with Tutanota.
The issue is not encrypting the email, which Tutanota can easily do. The issue is the receiving party is least interested in privacy or related extra steps needed to share or maintain the passwords or keys needed to decrypt the email.
Email isn’t exactly a very secure platform for communication to begin with. If your receiving party is only willing to communicate via email and not through other means such as instant messengers, then that’s something you’re gonna have to live with.
As for the email provider, you can use pretty much any of them, since the email protocol is open. The advantage of using providers like Proton or Tutanota is that they allow for your emails to be encrypted at rest. Even if everyone you send emails to is using Gmail, that’s still a lot harder to trace back to identify you, compared to if you were you use Gmail.
That being said, if you think that switching to Gmail is a better option for you, then I’d say go for it.
In my experience one of the big issues is that people simply don’t know or care enough about their digital privacy, even if they do about their privacy in the real world. People don’t view their online lives and data as having much worth compared to their life and belongings in the physical world. Until that changes I’m not sure it’s gonna be easy to get people to switch to more privacy-friendly services.
More than having privacy accounts everywhere, you should focus on having resiliency of your email address by owning your domain.
You have a Tutanota account now but what if the German government is forced to ban or close your account? You should also own the domain that you are putting your email own so that if Tutanota bans you, you can redirect your email to Protonmail or elsewhere and still have the same email from the domain that you own.
But to answer your question, it is not so worth if it is just you. Get your most commonly messaged correspondent via email (spouse, partner, best friend, whoever that is).
When it comes to email specifically, I think it’s very much worth it because it’s such a common protocol that everyone could be using different providers and things would continue to work all the same. Personally, most of my emails don’t go to real people anymore but rather I use to for subscriptions, newsletters, support tickets and things like that. I’m sure all of those endpoints are being tracked by some sort of analytics somehow but at least it’s not all centralized.
On the insant messaging front, well that’s another story and much more frustrating. You pretty much have to use WhatsApp if you want to receive messages from people who only use that. But I at least use alternatives if only to raise awareness that alternatives exist. And while progress has been painfully slow, I did manage to get some people to start using some of these alternatives. Changing people’s habits is so damn hard, even if it’s in their best interest. But show people a way, and you will realize that there is some interest to be exploited (maybe not the best word but whatever).
What I do and recommend: don’t sacrifice your life for the ideals of privacy. Privacy should be a goal, not a way of life. When I need to, I continue to use the big tech’s platforms and tools. Stick to your own thing for yourself and don’t be shy to show it to others when appropriate.
Thanks to everyone who uses alternative email providers - you’re showing everyone you’re communicating with that alternatives exist, and you’re keeping the few big players in check, so they don’t go blacklisting everyone else besides themselves.
There are many reasons people use the “established” email providers, starting with pre-installed software (Gmail on Android or Hotmail on Windows) - they have the lowest barrier to entry and by the time you notice any annoyance, you’re very much invested. Some companies and government institutions require them. Also, to know of “issues” and “alternatives”, you must invest a lot in educating yourself, something for which not everyone has the time/money, so I try to politely respond to anyone interested in what I use, while refraining from harshly judging what they use.
I selfishly use alternative email providers whenever I get the chance because I know the effort that goes into trapping “users” in enclosed walled gardens (which seems to be the business strategy of every for-profit tech company out there today). I was a victim of it, I paid the price a few times, wasted time getting out, and now I look for the exit before stepping foot in any other garden.
I like to keep my spheres of communication separated and have different addresses for each. In addition, most of the email providers I use must be available through anonymization networks. These exclude most large email providers from the start.
For emails that are important to me, I also need IMAP/POP/SMTP access to be able to easily maintain backups and avoid having to relearn the user interface every time a new batch of UX designers decide to express their creativity. I offer/request a public PGP key for/from anyone who wants to communicate privately regardless of their email provider, though I mostly don’t impose it.
