Avoid The Hack: 4 Best Private and Secure Email Providers (Alternatives to Gmail)
Free email has been around for… decades. However, the trust cost of these free email services comes in the form of your data – you give up your privacy in exchange for the service.
Many of these platforms use your email account to profile you for advertisers and data brokers. Some of these email service providers may scan email messages or inboxes and/or collect and use metadata. Some show ads in your inbox and/or track and profile your activities. Many free email providers don’t offer robust encryption or protect from tracking mechanisms often found in inbound email messages.
If you are using email providers (and their provided apps, if applicable) – such as Gmail, Outlook.com, and Yahoo Mail – you would be much better served switching email providers to one listed here. Email providers listed here respect your privacy, promote and incorporate encryption for your inbox and messages, and don’t profile users with their own data.
At a glance…
All providers listed here are ad-free, refrain from scanning inboxes/emails, and use end-to-end encryption.
| Service Logo | Name | Primary service location | Free tier | Mail Client support | OpenPGP support | Data security | Open source | Go to service |
|---|---|---|---|---|---|---|---|---|
 |
Tutanota | Germany | (limited) | Only Tutanota client | Zero-access encryption | Visit service | ||
 |
Proton Mail | Switzerland | (limited) | ProtonMail client; 3rd-party desktop clients | Zero-access encryption | avoidthehack Affiliate ( more info ) |
||
 |
StartMail | The Netherlands | Trial | Third-party clients only | Zero-access encryption (User Vault system) | Visit service | ||
 |
Mailbox.org | Germany | Trial | Third-party clients only | Zero-access encryption (except contacts and calendar) | Visit service |
Tutanota
Highlights
- Generous free tier
- Open source
- Anonymous registration possible
- Zero server knowledge encryption for data
Tutanota is a privacy-friendly encrypted email provider operating out of Germany.
Registration for a Tutanota account requires no personal information such as mobile phone numbers or real names.
Emails between Tutanota users are automatically encrypted end-to-end using a hybrid combination of AES-128 and RSA-2048. Emails to external recipients (non-Tutanota addresses) are encrypted with AES-128 – a preshared password is used for sending an encrypted message to an external recipient.
All data stored in Tutanota is encrypted according to a zero-access standard; both encryption and decryption occurs locally on users’ devices and Tutanota has no access to stored data. According to Tutanota’s FAQ page, they can only read metadata such as sender email address, recipient email address, and date of the email.
Tutanota has a generous free tier that includes 1GB of storage, limited search capability, and an encrypted calendar. Paid tiers allow for alias addresses, inbox rules, ability to add additional users, multiple calendars, and priority support from the Tutanota team.
Tutanota is open source for anyone with the know-how and desire to audit the source code for potential security and privacy vulnerabilities.
Proton Mail
Highlights
- Open-source
- Anonymous registration and payment possible
- Integrated PGP support
- Generous free tier + access to Proton VPN, Proton Drive, and Proton Calendar
- Self-destructing messages
Proton Mail is a privacy-friendly, secure, and encrypted email provider based in Switzerland.
Registration of for a Proton Mail account does not require personal information and can be done anonymously.
Data (contacts, email messages, etc) stored with Proton Mail uses end-to-end and zero-access encryption – making it just about impossible for the provider, Proton Mail, to scan inboxes or messages. Zero-access encryption also makes it impossible for Proton Mail to hand over emails to another party. Encryption happens locally, on users’ devices, prior to reaching Proton Mail’s servers.
The Proton Mail web app blocks tracking mechanisms commonly found in emails, such as tracking pixels, to help prevent unintended exposure of personal information. Proton Mail’s apps are open source, leveraging the global community to search for vulnerabilities and have been independent audited by third parties. Proton Mail’s bridge allows for use of third-party mail clients while still retaining the encryption protection offered by Proton Mail.
Emails between Proton Mail users are automatically encrypted end-to-end and have integrated supported for OpenPGP, using the public key of the recipient to encrypt the email message. Emails sent to external parties (non-Proton Mail addresses) can be encrypted with a password. Additionally Emails sent to other Proton Mail users and password-protected emails sent to external users can be set to “self-destruct,” automatically deleting from the recipient’s inbox.
Proton Mail offers a generous free tier that includes up to 1GB of storage, limited search capability, 3 folders/labels and 150 messages per day. Paid tiers allow 15 GB of storage (up to 500GB), multiple email addresses, unlimited folders/labels/filters and messages, access to an encrypted Proton Calendar, and access to SimpleLogin Premium for free for certain plans.
Proton Mail has an .onion address for its service, offering Tor support. Proton Mail supports easy migration from other popular email services like Gmail and Yahoo Mail, using Easy Switch.
more info
) | Source
StartMail
Highlights
- OpenPGP support
- 10GB email storage
- Unlimited aliases with StartMail domain
StartMail is a privacy-friendly and secure email service provider operating in The Netherlands. It is developed by the creators of Startpage, though unlike Startpage, StartMail has received no investment from System1.
StartMail has a “user vault system” that offers zero access encryption for data at rest; email, metadata, and user private keys are stored in the User Vault. However, contacts are not stored with zero-access encryption. Emails technically aren’t delivered to users until their User Vault is opened.
StartMail has encryption and signing (via OpenPGP) available to both StartMail and non-StartMail users. Password-based encryption is available for sending emails to users not using OpenPGP. OpenPGP operations (such as encryption of a message) are handled server-side.
StartMail encourages the use of webmail (accessing email through the browser), but does have support for third-party email clients, such as Thunderbird; there is no official StartMail app. The webmail version of StartMail protects against ads and common email tracking mechanisms like tracking pixels.
StartMail offers integrated OpenPGP support, unlimited StartMail aliases, up to 10GB of storage, custom spam filter, search tools, migration of emails and contacts from other providers, and customer support.
StartMail doesn’t have a free tier but does offer a 7-day free trial of all features available. StartMail’s source code uses a mix of open-source and closed-source components.
Mailbox.org
Highlights
- Powered by 100% clean energy
- Option to automatically use PGP key for all emails
- Anonymous registration and payment possible
Mailbox.org is a privacy-friendly and secure email service operating in Germany. Mailbox.org is powered by 100% environmentally-friendly energy.
Anonymous registration is possible through Mailbox.org as the service does not require personal information to establish…
*** This is a Security Bloggers Network syndicated blog from Avoid The Hack! authored by Avoidthehack! RSS. Read the original post at: https://avoidthehack.com/best-email-services
