Tuta "Zero Knowledge"

Hi there, Tuta here.

We do not log any user IPs when creating accounts or when you access/use them. By not collecting this information we cannot be forced to turn it over. We also do not require phone numbers or secondary email addresses which means that you can create a truly anonymous Tuta account over the Tor network.

Regarding the zero-knowledge architecture, this is related. The blog post here is referring to how we have constructed our internal infrastructure in such a way that we are unable to view customer data (emails, calendar events, contacts, etc). This is specifically referring to the way in which data like emails, contact info, or calendar events are encrypted on your device before any data leaves your device and heads to our servers.

We have also created our own push notification service which completely avoids Google’s FCM service. This means that notification data is not being shared with these third-parties. With the Tuta Calendar event reminders we never see the names, times, places, or dates of any events.

Our goal is to encrypt as much data as possible and do not require any more information than is needed for operational purposes. We don’t need to store your IP to send an email, so we don’t.

There is no legitimate reason to store more data than is required for a service to function properly.

I hope this answered your questions, if not we can provide more info : )

12 Likes