The boring truth about email security
David Sparks and John Gruber have said all that needs to be said about the revelation that Unroll.me was selling its users’ email data.
It was easy for me to delete my Unroll.me account because I had really stopped looking at it already. Last year, I decided to just get out of the way of my email and just let Gmail’s stock filters for “social,” “promotions,” and “updates” channel 80% of my email into those non-action buckets.
On the surface, it may seem odd that I would favor one ad company over another: dump Unroll.me but stay with Google’s Gmail. A lot of people have ostensibly moved away from Gmail for the same reason people were throwing up in their mouths over Unroll.me this week.
But I have been using Gmail for a long time, and I have no plans to leave now. I understand that Google sees my email and pours it into its Alphabet soup, and I’m OK with that—not because I think Google is especially benevolent, but because I accept the truth about email data.
I think a lot of people who leave Gmail because of privacy concerns are following the false hope that another company can magically “secure” their email. The truth is that your email will never be totally private. With the exception of email you send to yourself, email takes at least two servers to tango.
Every copy of every email sent to/from you resides on some other email server. If you regularly email a specific person, there are probably thousands of your emails on their hard drive—perhaps the one in the old computer they just sold without wiping the hard drive.
In other words, email is not the same as your note archive or your document repository. Email is necessarily out there. Everywhere.
So in my mind, the solution to email privacy is email avoidance:
- Take advantage of iMessage’s encryption for chats with friends and family
- Move your project or work communication to an app like Basecamp
That’s what I’ve done. Today, I see my email as a bloated version of Twitter: a constant inflow of chaff with the occasional strand of wheat, which mostly takes the form of customer email.
I have no control over how many computers email me every day. But I can definitely control how much email I create myself.