Google Gmail reads your email Microsoft Outlook.com scans your email. Is there a difference?
When my grandma went away on holidays, she always used to send us postcards. To slow down our post-lady from reading them, she would write the message upside down (compared to the address). An abiding memory is of said postwoman nearly falling off her bike when one of grandma’s postcards arrived. General email security is like that of a postcard. Emails fly around the internet fly around the internet without any form of envelope. They are in plain, open text and can be read by any of the computers that they pass through on their way from sender to recipient. Here is an advert with Microsoft’s (not impartial) take on the matter. [ss_screenshot width=’300′ site=’https://www.keepyouremailprivate.com’]
Back in the early 1990’s, when the internet was young, most people had not heard of a computer virus. Then again, the internet was, for most people, very slow – it would have taken too long to download a virus. You would have simply cut the connection.
Now, everything has to be scanned for viruses, trojans, key loggers, ‘bots and countless other malware. Failure to do so would almost guarantee that your computer would become infected. There are also scams and charlatans on the internet who send out massive amounts of spam, hoping that someone will fall for their cons and tricks. We take it for granted that our email will be scanned to put malware in some safe dumpster and scams in our junk email (in case we did want to read about fake Rolexes and a chap who is having difficulty getting unfeasibly large quantities of money out of his bank account). In other words, a computer program reads your email and decides what is good for you and what is bad.
What Google then does is retain that list of words from the scanning and uses it to target adverts at their account holders when using Gmail on the web. Their calculation is that people will not mind a bit of advertising in exchange for free email. Being able to target the adverts to the recipient makes their advertising more likely to result in a sale for their advertisers (so Google sell more adverts). Is that wrong, or unfair?
Now, while that is (possibly) fine for a person who has signed up to Gmail. What about the sender or recipient who has not? If I send an email to someone with a Gmail account Google will read it. If that person sends an email to someone who does not have a Gmail account, Google will still read it.
There is no way to opt out.
An alternative is to download your emails with Outlook or Mac Mail or some other application, so that you do not see Google’s advertising (if you use a Gmail account). The emails will still have been read/scanned, but you will not see the adverts.
For total security, you can go down the Public-key Infrastructure (PKI) route. This encrypts all your traffic so that no-one can read (or scan) it. It will mean that you need the public encryption key of everyone you want to send an encrypted message to. (There are services to do this.) Recipients can then decrypt the message with their private key. You need to distribute your public key to everyone who will send you an email. (The clever bit about PKI is that the ‘public keys’ are truly public – you can distribute them freely or publish them on your web page. Only the private key, which allows the decryption, must remain private.) There are services that will distribute these keys for you. At that point we are heading towards James Bond territory.
The balance is between how important your privacy is to you, how much inconvenience you are prepared to put up with (e.g. distributing encryption keys) and how much you are prepared to pay.
You decide, please comment (below) and if you want to discuss the encryption options, get in touch.
John holds a CompTIA Security+ qualification and still uses Google Apps!
He also has the facility to encrypt emails.