In case you never thought about it, companies that offer “free” email services are not charities. Everything they do is designed with one primary objective in mind: make a profit for the company that offers the service.
Yes, this applies to Google Gmail, Yahoo, AOL Mail, Mail.com (owned by the 1&1 web hosting service), Yandex.Mail (a Russian company), iCloud.com (owned by Apple), and Outlook.com (previously called HotMail and some other names, all owned by Microsoft).
Many of these services also offer additional so-called “free” services, such as storing your address book or your personal appointment calendar.
Why would a for-profit company offer free email services? For one simple reason: to make a profit.
At first glance, that appears to be contradictory statements. However, the companies offering these free services all know how to convert the expense of adding servers, routers, and more hardware, software, and support personnel into profits for the company. In short, they spy on you and all the email messages you send as well as messages received from friends, relatives, companies, and more. Yes, they read your email messages and look at your address book and appointment calendars. Does that make you feel uncomfortable? It should.
In most cases, it is not a human being who is reading your messages and other information. However, human employees can also read your email messages, if they are so inclined. Instead, software reads every message and then feeds the email addresses and message contents into artificial intelligence (A.I.) software in order to learn more about you. This software then extracts enough information about you and your correspondents to learn your approximate age, your approximate family income, where you live, your political beliefs, your sexual preferences, your hobbies and personal interests, whether or not you use tobacco products or alcohol, your level of education, your friends, your relatives, your ethnic heritage, the language(s) you speak, and much, much more.
Also, government spies can read any email message they want by simply asking the email provider for a copy. In some cases, a court order is required. However, NSA, the FBI, and other spy agencies regularly obtain thousands of such court orders every year.
Yes, if you frequently place online orders on Amazon, these email spies will soon learn the size of your boxer shorts and they will save that information. Why would they care about clothing sizes? That information becomes valuable when selling your personal info to drug companies, health care organizations, companies that sell diet services, and even to your insurance company. Do you think your insurance company wants to know if you are an overweight smoker in his or her sixties? You bet they do! The price of your insurance policy is often based on such information.
Next, there are companies such as the now-defunct Cambridge Analytica that help foreign governments in their efforts to subvert democracy. Cambridge Analytica isn’t (or wasn’t) the only such company, just the most publicized one. There are a number of other companies here and overseas that are collecting data about you today and selling it to various special-interest groups and foreign governments.
So what do these companies do with all this information? They can give or sell the information to advertisers, political organizations (remember Cambridge Analytica?), or government spy agencies, including your government and foreign governments.
Selling your personal information is a multi-billion dollar business!
“If you’re not paying for the product, you are the product!” – a quote about television advertising from the 1970s.
Even worse, when your email account is compromised, a hacker can easily take over your other online accounts by requesting password resets.
How can you prevent all this spying? Actually, there are several methods. You can use an encrypted mail service such as TutaNota.com, Proton Mail, HushMail, TorGuard Email, or others. I have written about encrypted email services a number of times. Start at https://duckduckgo.com/?q=site%3Aprivacyblog.com+encrypted+email&t=h_&ia=web to find my past articles.
Perhaps the Best Solution of All
While encrypted email is a huge improvement over the so-called “free” email services, there still is one better bullet-proof solution: run your own email server.
Running your own email server has long been a recognized method of improving your online privacy. Once installed and operational, you control who reads your messages.
In the past, the big problems with installing your own email server in your home were the complexity involved and the required expertise to install it, configure it, and keep it in operation. Luckily, several companies have now created “canned” email server products that install in your home quickly, require very little configuration, and run more or less forever with minimal human intervention. If you possess enough technical knowledge to install an email program, you probably can install and configure one of these easy-to-use email servers.
One of the new wave of easy-to-install email server is produced by Helm, a company in Bellevue, Washington. The company claims you can install the Helm mail server in five minutes or less. It is an excellent replacement for Gmail, Yahoo Mail, Outlook.com and the other spying email services. With the Helm mail server, the only person who can spy on your email is you.
You can read more about the security of the Helm mail server at https://thehelm.com/pages/technology.
The Helm server not only stores your email messages but also (optionally) stores your appointments calendar and your address book. It can even do this for all your family members or anyone else you add to the list of users of the email service. The Helm email server supports unlimited users, constrained only by the amount of disk space available. You could set up email accounts for your family members, friends, and others.
The Helm email server is a small (4.375″ x 7.125″ x 5.125″) piece of hardware sits on a desk or shelf, probably in your home or perhaps at your office. Actually, it can be placed anywhere, so long as it has an always-on Internet connection. You connect it to your in-home router via a cable or by wi-fi wireless networking. The Helm server connects securely to a unique gateway owned and operated by Helm, which is assigned a static IP address so Helm is reachable by other mail servers and secure TLS sessions* can be established. Only securely-encrypted data passes through the gateway. It never processes email messages in plain text. As a result, not even the Helm employees can read your email messages. Neither can anyone else.
*NOTE: TLS, or Transport Layer Security, is designed to provide communications security over a computer network. It means that hackers cannot tap into a network someplace else and read your email messages as they flow through the Internet. You can read more about TLS in Wikipedia at: https://en.wikipedia.org/wiki/Transport_Layer_Security.
You and other registered users of your Helm server can connect to the in-home email server from anyplace in the world that has an Internet connection. You could be using a laptop or an iPhone or Android phone in a coffee shop in Bangkok, Thailand and still connect to the mail server in your home or office to read and write email messages, check the appointments calendar, and to access your address book. (Don’t forget to leave the email server and internet router powered on when you leave home!)
Security is top-notch all along the path to and from other email servers. Quoting the Helm web site:
“When you use an email provider like Google, Microsoft, or Yahoo!, your personal emails are stored on their servers, making them a target for hackers and phishing. Helm provides protection for the massive amount of sensitive and personal information in your email.
“Your device includes full-disk encryption, secure boot, and encrypted backups. Each Helm uses certificates from the Let’s Encrypt Project to secure connections to and from your custom domain.”
The Helm email server runs a hardened version of Linux as its operating system. Everything is internal. Should the server need to be re-booted (which should be rare), all software is stored on an internal (encrypted) solid-state disk drive (SSD). Helm comes with 120 gigabytes of storage for your mailbox—enough for a family’s worth of emails for years to come. That’s more than what the most of the so-called “free” email services provide. However, some of the “free” services do offer additional storage space if you pay for it.
If 120 gigabytes of storage space isn’t enough for your needs, you can easily expand storage capacity by using a slide-in drive.
Calendar and contacts syncing is also available with industry-standard CalDAV, iCal, and CardDAV file transfers.
You can read and write email messages by using any modern web browser on any computer that has an internet connection. That obviously includes Windows, Macintosh, Linux, Chromebook, and probably other operating systems as well. In addition, free Helm apps are available for Android and Apple iOS (iPhone, iPad, and iPod touch) systems. You can read and write email messages, check your calendar, or access your address book from anyplace in the world as long as you have an internet connection. All they need to do is open a web browser (or an Android or Apple iOS app) and connect to the custom domain name you created for your Helm email server during installation. After that, everything operates in a somewhat similar manner as using other email services: Gmail, Yahoo, Mail, Hotmail, and all the others.
The Helm email server costs $299 (US). A subscription to Helms’ secure gateway is also required. The subscription is free for the first year, then costs $99 (US) per year in later years. Subscriptions can be canceled at any time; there are no contracts involved.
The subscription includes:
- Email, calendar, and contacts.
- Custom domain registration with DNS records management – You can register any domain name that isn’t already registered, such as jones-family-email.com or JohnDoeUS.email. The cost of the domain registration is included in the annual subscription.
- Unlimited email accounts and aliases.
- Feature and security updates.
You can also import your present email messages that have been stored on other services (e.g. Gmail, Hotmail, Yahoo mail).
You can read more about the Helm email server at: https://thehelm.com.
Delivery of the servers is promised for “late February” although I wouldn’t be surprised if it is delayed a bit. Delays in the planned shipment dates of new products from many companies often are delayed.
Does the Helm email server sound good? I think so. I ordered one this morning!
P.S. I am not compensated in any manner for describing the Helm email server or any other device. I simply believe that encryption and privacy are amongst the biggest needs of our time. The use of a private email server that is not accessible to worldwide hackers or advertisers or spies strikes me as a good idea. I have already ordered mine.