Think your email is safe and private? Think again. Most emails sent over the internet travel in plain, unencrypted form. That means anyone who knows where to look could theoretically intercept and read your most private missives.
So, who could be reading your email?
Google, for a start
Google has revealed that it does scan the emails that pass through its Google Mail service. The tech giant has has stated this in submissions aiming to dismiss a class action lawsuit that accuses it of breaking wiretap laws.
Its position regarding the reading of our emails goes like this:
"Just as a sender of a letter to a business colleague cannot be surprised that the recipient's assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient's ECS (electronic communications service) provider in the course of delivery."
This analogy fails to acknowledge the fact that when an assistant opens their boss’s mail they do so with agreed or implicit prior consent and they are subject to confidentiality agreements.
I have always maintained that writing to someone via email is akin to sending a postcard. The content of the email, just like a postcard, can be read en-route.
Securing your email
Securing your email is easy: you just need to encrypt it. This scrambles every message you send so it can't be understood by people other than the intended recipient.
These days you don't need detailed technical knowledge to use email encryption. Many companies offer email encryption products that handle the technical side of things for you. However, the key is to find one that doesn’t require your recipient to have installed software to decrypt your message and then send you an encrypted reply.
You might also want to find a service run by a UK company and hosted on servers in the EU. This means that UK and EU privacy law will apply — you don't risk getting caught up in the US Patriot Act, which many argue is a good reason to avoid US-based services.
My company offers an email encryption service called Egress Switch.
How to get started
You'll need to decide whether you want a pay as you go encryption service, or something more substantial.
It's also worth looking for a scalable service. You might start out as someone who will use encryption infrequently, for the odd highly-sensitive email. But over time you may decide you want to use encrypted email for all of your business communications.
In the end, though, it’s up to you: if you don’t mind risking Big Brother reading your email then you can do nothing. But if you'd prefer your private messages to stay that way, it's a good idea to adopt email encryption.
- Why you need to archive your email
- Send sensitive information in a self-destructing message
- How to prevent data breaches
Blog provided by Paul Simms of Reflect Digital on behalf of Egress Software Technologies.