Email Privacy, is it really?

This week’s topic is Email Privacy, is it really?

The Tip

There’s an old saying that email is about as secure as a postcard. Is that still true? The answer is yes and no. For most of us most of the time, it’s private enough. For some uses, we should be cautious.

The Detail

This should come as no surprise anymore, but your email isn’t private. In fact, it’s one of the least secure methods of communication you can use. Emails are stored at multiple locations: on the sender’s computer, your Internet Service Provider’s (ISP) server, and on the receiver’s computer. Deleting an email from your inbox doesn’t mean there aren’t multiple other copies still out there. Finally, due to their digital nature, they can be stored for very long periods of time, so think twice before writing something down in an email you don’t want others to see.

Much of this is mitigated for us, due to the way use and deliver email at Nipissing via google apps. Gmail does encrypt data over their internal network, so if you are corresponding between Nipissing email accounts, using the Gmail client, your communication should be encrypted and remain fairly secure. This is one of the advantages in using the Gmail suite.

However, while Gmail encrypts email over their network, their encryption only protects data that is on their servers – not while it is bouncing around on other servers on the Internet, meaning that your data is still vulnerable when corresponding outside the network, unless you adopt a solution that provides client-side encryption. This is not necessary for most users, just doing day-to-day correspondence. Just like a postcard going through the postal mail, most people stumbling across it couldn’t be bothered or interested to look at it. If however you are emailing sensitive documents and data around, outside of our network, you might want to consider a few other strategies. Client-side encryption takes some setup and most users couldn’t be bothered or find it confusing. That said, it is effective and essential for some types of communication, once you jump through the initial hoops. Using services like Dropbox or Google Docs/Drive are safer methods for the sharing of sensitive documents, rather than sending them as attachments.

If you have more questions about these topics, please contact UTS and we’d be happy to offer what guidance we can. There is also a wealth of information to be found using your favourite search engine.