Is your email account secure?

Last week we heard about the arrest of a former Microsoft employee called Alex Kibkalo, who had been leaking secrets and copies of Window 8 to an unnamed French blogger. To find out who was leaking the information, Microsoft decided to read the private email in the French blogger’s Hotmail account, which is completely legal. In the United States, reading other people’s (conventional) mail is a federal crime, but email is another story.

This event has raised concerns about the privacy that we have as users when using an email client made by companies like Microsoft, Google or Apple, because there is no law to prevent them from openly looking at what is shared in the email that we use everyday. The truth is that these services work thanks to protocols and servers that they’ve created and control, so there’s really nothing to stop them from looking when they want our data.

The simple fact of using an email service that is free – where you don’t pay for a secure, encrypted and unique server space – would allow them to access your account whenever they want. The only reason that they wouldn’t is for ethical reasons, but not because it was against the law.

There are even systems the are constantly looking in every corner of the inboxes of our accounts. A good example is that anyone who uses a Gmail account will notice that advertisements and suggestions appear on the side, that are usually related to the information saved in the account or in a specific email, which meant that they’re actively looking at your information, what you receive and what you send. Is there anything to stop them from using your data for other purposes?

The terms and conditions

In addition to the fact that there are no laws to protect us and that make our shared email data really private, you also accept conditions, terms and a full-blown contract when you create an Outlook, Gmail or any other account. Each company can decide what will go into this contract, which most people don’t bother to read, but if you were to take a quick look, you’ll see that they warn you that they’ll go into your account if they think it’s necessary.

Looking at Microsoft’s Service Contract, for example, we see that point 5.2 says: “You consent and agree that Microsoft may access, disclose, or preserve information associated with your use of the services, including (without limitation) your personal information and content, or information that Microsoft acquires about you through your use of the services […]».

And if you decide to take a look at the Privacy Policy for Google’s services, you’ll see that there is similar language in this regard: “We will share personal information with companies, organizations or individuals outside of Google if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary».

This is repeated in the terms of service of other well-known services, demonstrating even more that privacy doesn’t exist and that you need to be careful with what you share in your email.

So what’s the solution?

The truth is that it’s hard to avoid using email in the digital age, in which we are witnessing the ever increasing growth of the Internet of Things. The simplest way to prevent the invasion of your privacy is to stop using the internet completely, but for those of us who want to continue to enjoy its advantages, there are lots of solutions. There are several measures that your can take to help recover your privacy when using email:

• If you want to continue using the same Gmail, Outlook or any other popular and well-known account, what you can do is encrypt all of the data that passes through their servers using tools like Mailvelope, which integrates into your webmail (regardless of which one) and can be installed in Chrome and in Firefox, or use extensions like SecureMail and WebPG for Mozilla.
• If you don’t mind creating a new account, you can use secure mail services like CounterMail, NeoMailBox or Hushmail.