Of late I have been trying to make significantly more intentional choices about which online digital services I use. These choices always seem to me to be a trade-off between convenience (ease of use), network effect (use the service everyone is using), and cost (free in dollars, expensive in privacy loss). One of the things, like many, that is easy to find a service for free is email. Amongst both my colleagues and friends, gmail has become almost a standard. Understandably so, it is cheap (at least in terms of dollars), it is convenient (a mostly adequate user interface), stable (rarely goes down, and certainly not for extended periods of time), more than adequate spam filters (lets talk about all the fishing attacks and spam I get at my university), and secure (Google has fairly good security). The downside though is obvious, they read everything in your inbox, while it might be secure, it certainly isn’t private. Every since I can remember I have had my own email address, run out of my own domain (outsidethetext.com). But this self hosted email has gotten to be burdensome. I spend a lot of time configuring things, mostly spam filters and whitelists. Over the past year this has become fairly annoying and often downright burdensome. So I have been looking into options. Criteria: I want something where all the email is encrypted on the provider end, so the provider has no access to the data. It also needs to be stable. I can cope with a degree of inconvenience for privacy and security, but that’s relative. After trying out a range of services, I’ve ended up settling on Protonmail.
* Secure and Private: Data on their side is encrypted. Probably not the most secure system, but meets my threshold.
* Ease of Set Up:
* Allows Custom Domain: They allow custom domains. This means I can point a domain I own to them. And more importantly it means that if I want to stop using Protonmail, move to another service I can just change service providers without changing email. I have already done this, it was honestly fairly simple.
* Business Plan: “There is no Cloud only other People’s Computers” & “If you aren’t paying you aren’t the customer you are the product.” We all know this. But I also think it isn’t entirely true. If a service like email or file syncing follows a premium model it can provide its services for free to some (especially those that need it but can’t afford it) but also generate operating revenue from those willing to pay for enhanced features. This is what Protonmail does (paid gets you more storage and custom domains). I want a service that isn’t look to scale to infinity and become a unicorn, but also one that has a sustainable business model. This is really about supporting and building a responsible digital ecosystem.
* Doesn’t work with email clients. To check Protonmail I have to either log in via the web. So I can’t use Thunderbird. I prefer mail clients to webmail. They do however have an app for android and iphone which makes it possible to use on mobile devices.
* Cannot import PGP key. Right now you cannot import your own PGP key, and messages going outside of Protonmail aren’t encrypted. This would normally have been a deal breaker for me, but it is in their development plan to enable this. Right now Protonmail is my plan going forward. The mobile apps work well, the interface is as good as any web interface can be. And the development plan going forward seems to be focused on addressing some of my remaining issues. Once they allow importing of PGP keys I’ll probably switch over my main email to this and start using it a lot more. Right now I have been only using it for limited correspondence.
Update: As part of the Privacy Class I am teaching, I challenged students to develop privacy plans. For a few of them this involves pursuing an alternative to gmail. Some of them selected Protonmail and have indicated that it has been easy to use with no complaints. This confirms my impression that for someone used to webmail based email (not thru a client like Mail.app or Thunderbird), students almost universally use webmail on their computers, the transition is less notable. None of them who choose Protonmail indicated any problems. And the fact that they were able to get free accounts, with limits, confirms the business model for now: people like myself support Protonmail thru payments and minimal email services can be provided for others for free.