Email has been around for decades and is as common as breathing for most people.  Few people, however, think or have any concerns for privacy or who has access or what they can do with the information.  Most people adhere to the Nothing to Hide approach to privacy, that is, if I am not doing anything wrong then I have no reason to be concerned with someone peeping into my email.  If this were true, you would have no need for curtains on your front window and would gladly post your credit card and bank statements to your front door.  When writing an email you should keep in mind, write only what you would like splashed across the front page of you local newspaper.  There are measures you can take to make sure that your emails do not get read by unintended parties.

Who has access to your email?

First you need to think of who has access to your email.  At work, your employer owns the server or pays for the service that provides your email and can access it without your knowing,  as well as monitor any internet usage or activities you may partake.  My advice is never use your work account for private purposes, such as to send a note to your spouse, banker, or utilities company.  If you don't do it, it can't be used against you in the future. 

If you use a free provider such as Hotmail or Google, keep in mind that these are for profit companies, if they are offering you something for free, it is because it is a benefit to them and will be used for profit.  Google actively searches the contents of your Gmail in order to provide targeted advertising in the sidebars.  If you email a friend about attending a baseball game, you may begin to receive advertisements directed at sports memorabilia.  This may seem like an innocuous trade off, free email for ad banners that you may or may not ever click on.  But the data is in their hands to do with as they please, sell it to third parties or mine it for whatever purposes they choose.  You have no control over who may access it, what they do with it, or how long they retain it.

Most Internet Service Providers (ISPs) provide email service with your account, so set up your email with your them. ISPs are for-profit companies as well, but their profit is derived from providing you good internet service, not mining your personal information for their purposes (please read their Terms & Conditions to ensure this to be true).  The downside is, should you change providers, you need to notify all your contacts that the email has changed and hope that they change their records as well.

How secure is your email transfer and storage?

Most providers, whether they are Google or your ISP will not hand over your data or access to your data without court order.  However, if this occurs, there is no way for you to know it has occurred.  Generally you are exposed in two ways, access to existing email stored on the servers as well as any new email traffic you partake.  To protect against this you need to encrypt your data.  Basically, encryption takes your data and scrambles it all up with mathematical algorithms so that is utterly unintelligible except by the people with the keys to unscramble it.  There are a couple ways to approach this, one is to encrypt the email itself by configuring your email reader with a Digital Id and encrypting the contents of the email.  

Setting an Email Digital ID

The other is to use a service provided that encrypts the servers themselves.  Even with a court order, the provider is unable to provide anything other than the encrypted data which is essentially useless.  One provider I like is Neomailbox who offer the choice of having your email be stored on servers in Switzerland making it that much more difficult for anyone to gain access.  The Swiss are very good at keeping secrets.  Another option is RiseUp which is used by NGO's and other organizations who do not want prying eyes in their electronic communication.

A service provider can take care of encrypting their end, but once you have downloaded the email to your computer it has a readable copy to anyone who can crack your password.  One way around this is to only use webmail, that is login and view your email through your internet browser (Firefox, Chrome, Internet Explorer, Safari, Opera).  The email will never come to your computer and if you clear your browsing history, caches and cookies it should be safe.  For the more technically advanced, you could keep your email in a hidden encrypted partition.

There are many steps to protect your privacy when using email, how many layers of protection you wish to use is a matter of personal preference.  However, the Nothing to Hide mentality is no way to approach your privacy.

Nothing to Hide: The False Tradeoff between Privacy and Security
Amazon Price: $20.00 $12.19 Buy Now
(price as of Oct 23, 2015)