Recent posts

5 Reasons to drop Gmail

Today, when people ask you for your email address, they don’t ask “what’s your email?”, but “what is your Gmail?” That’s how popular and widespread Google’s email service is.

For most Internet users, Gmail makes perfect sense. It’s free and convenient and everyone uses it. However, for a privacy-focused user, the popular email service has its fair share of downsides.

In this article, we’ll take a look at 4 reasons to drop Gmail (or other popular email providers) for a decentralized and secure email service.

1. Gmail Collects and Reads Your Data#

It’s no secret that Google has access to your data. And, of course, it also reads your emails.

If you ask Google, this is all to “provide better user experience and product personalization”, but most people don’t think much about what information they are “giving” to Google.

Flickr great deletion

Gmail links the following data to you:

  • Contact information
  • Location
  • Contacts
  • Search history
  • User content
  • Purchases
  • Identifiers
  • Diagnostics
  • Other data

So what does Google do with that data?

2. Selling Your Data to Advertisers#

“Now hang on just a moment there, Google says it will never sell your personal information!”

What we have here is a very clever use of the word “sell” by Google.

You see, according to the California Consumer Privacy Act (CCPA), a “sale” is “any exchange of personal information for ‘valuable consideration’ (meaning ‘money’ in most cases).

Technically, that isn’t what Google is doing.

But they are still making money out of your personal information.

How?

There are two ways that Google monetizes your data:

It directly shares data with advertisers, who can then bid on individual ads, or It builds profiles based on the user data it collects with shared interests and demographics, thanks to which advertisers can target people based on those traits.

Read more on how Google shares, monetizes and exploits your data on EFF.org.

3. Gmail Doesn’t Offer End-to-End Encryption (by Default)#

At least not by default. Look, you can install a PGP plugin for Gmail like FlowCrypt, but that’s a lot of work and Gmail wasn’t built with privacy and security of its users in mind.

That’s not to say that Gmail doesn’t have “any” type of encryption. It does have TLS or Transport Layer Security, but that only works if the data is in transit, so between the sender and the recipient. Gmail does nothing to protect your data while it’s on the sender’s or recipient’s email server (endpoints).

This is why end-to-end encryption does. It ensures that only the sender and recipient can access the email contents.

4. No Zero Access Protection#

For those unfamiliar, “zero access protection” means that the service provider (in this case Gmail) cannot access your data even if it is stored on its server.

Combined with end-to-end encryption, zero access protection ensures that you are the only one who has access to your data.

How?

Let’s say you want to send an encrypted email to a friend. The email is encrypted using a public key, but the only way to read it is to use a private key and decrypt it with it.

Normally, in the perfect scenario, only the recipient will have that private key. However, what if the service provider, like Gmail, also has that key? They’d be able to read your encrypted emails with no problem.

But, with zero access encryption, that can’t happen and only the user has access to his or her emails.

5. It’s a Big Attack Surface#

Google has over 270 products and services under its umbrella and Gmail is but one. All of these services are in one way or another connected.

The good side of this is that everything is much easier to use and it’s all under one account and one login.

The bad side is that if one service is breached, your data is at risk on all of them.

As the largest email service in the world, Gmail is also the most likely target for email scams, spam and phishing campaigns.

According to a 2020 APWG study titled “Phishing Activity Trends Report”, 72% of all BEC (Business Email Compromise) attacks in Q2 2020 were sent from free webmail accounts and of those about 50% used Gmail.

Flickr great deletion

Conclusion#

Again, we're not saying that Gmail doesn’t work. For most folks, it’s perfectly fine. But if you’re looking to protect your data and not have others make money out of it without your permission, then you should drop it.

Drop it for what exactly?

A decentralized & secure email service, like Telios. Telios is a peer-to-peer decentralized and encrypted email (meaning that not only is the email fully encrypted, but it is also stored locally on your device so only you have access to it).

Ready to take back control of your email data? Download the Telios app today for Windows, macOS, or GNU/Linux.