Skip to content
The BFD. Image by Gerd Altmann from Pixabay

This series is designed to help people to understand modern technology, and become more confident in using computing devices. It is not designed to educate experts.

The author is involved in tutoring older students at SeniorNet, a New Zealand wide organisation. SeniorNet hopes that students will feel more confident in using their computing devices as a result of the learning opportunities offered. This series of articles shares that hope.

Some time ago I wrote about keeping your emails private using encryption. Both by the sender and recipient using Thunderbird email client, and also by using Kleopatra. You can read up on both of these articles by clicking the links.

Today I want to talk about another system promising privacy. ProtonMail is an email service domiciled in Switzerland and subject to Swiss law. The Swiss, as you will know if you’ve been paying attention, have a habit of keeping to themselves, and are notorious for guarding their privacy. (Spoiler alert. I have Swiss forbears in my family tree; this may be where my privacy leanings come from.)

ProtonMail advertises end-to-end encryption with encryption designed so even they (ProtonMail) can’t read your emails. So this looks like it could make email secure, at last! ProtonMail provides both a free system and paid upgrades. This article focuses on the free offering.

Getting ProtonMail.

The signup is just like any other service. Go to the website and follow the prompts. There is a verification procedure to make sure you are not a bot (you are human, aren’t you?) and in just a few minutes you have your new mail account. Proton.me is the default domain, or you can use protonmail.com as an alternative. Sign in using your browser as it’s designed for web access.

Hints

  • Make sure to record your password. Best case scenario is to use a password manager during creation.
  • Look at 2-factor authentication if privacy is ultra important to you. 2FA needs your mobile phone beside you when logging in.
  • Take your time to explore the interface. It’s not as clear as it could be.
  • Watch YouTube videos on using ProtonMail.
  • ProtonMail will try to sell/upsell services. After all, free doesn’t bring in much profit.
  • When you use free ProtonMail some of their other services will cost. Not the same as Gmail/Google, but ProtonMail won’t hawk your data for a few bucks.
  • You can set up folders to sort your workflow.
  • You can set up filters to sort emails arriving in your inbox; otherwise you spend time manually moving emails, which can be time consuming if you have many emails.
  • There is an app for both Android and Apple devices. I haven’t tried these.

What is ProtonMail? It’s been designed to provide you, the user, with a drop in replacement for Gmail, most commonly accessed via the browser on your computer. You send and receive emails just like you are used to but with some sense of greater security. I found the user interface (UI in computer talk) not well designed, and it can be confusing. There is also a mobile app which I haven’t explored.

Does it give you total privacy? Well, yes and no. To understand where your email may be intercepted and read by a nosey government or other forms of lowlife you need to get your head around how email works, and how your message gets from one party to another. There are three scenarios, and ProtonMail offers differing amounts of security in each scenario. Let’s look at them.

1. ProtonMail to ProtonMail. When both the sender and recipient use ProtonMail you can be assured that your email is encrypted at creation, and decrypted at receipt. ProtonMail tells us even they can’t read the email (and attachments) as they don’t have the keys.

2. Other Email system to ProtonMail. The email is created and sent to ProtonMail as usual. It is only encrypted by ProtonMail when it arrives at their server, so until this time is subject to being viewed by whoever has access to the stream. So no benefit over any other system.

3. ProtonMail to Other Email System.

(a) Sending a normal email. Once the email (and attachments) leave ProtonMail they are subject to spying. It’s been described as the same as writing your message on a postcard and sending it. No privacy.

(b) ProtonMail offers a system where the email (and attachments) is created and held in the ProtonMail system, fully encrypted. An email link is sent to the recipient who uses it and a pre arranged password to access the email in their browser. This system offers protection and the email can also be set to expire and be auto deleted after a period of time.

If the recipient replies to this password protected email the reply (and any attachments) is created within the ProtonMail system, and is also end to end encrypted. In this instance there is no record of your reply within your own email system, so you would need to take a screen shot prior to sending for your own record. The reply appears as part of a conversation.

There are therefore degrees of privacy, depending on how you interact with your correspondents. Best outcome is where both parties use ProtonMail.

The ProtonMail UI.

I found the user interface to be pretty minimal. If you hover over the icons you will find out what each does. But there is a learning curve. Here is the create new message window. It’s not obvious what everything does, and the arrows point to two functions you could overlook,

The left arrow sets the email self destruction. The right is the attachment icon. I’ve also deleted the “Sent with ProtonMail secure email” tag line included on the free version. This is automatically added to your emails in the free version.

The message expiration facility works with the two of the scenarios above, No 1 and No 3(b). So you need to tie it to a password if sending to a non ProtonMail recipient. That way the message stays within the ProtonMail ecosystem.

ProtonMail is worth a look, and can help with your privacy needs but you need to know what you are doing to get that privacy. Yes, worth a look in my opinion, but not the be all and end all answer to privacy. ProtonMail has been developed as part of an overall suite of programmes. Depending on your needs and budget the suite may offer you value.

ProtonMail CEO and founder Andy Yen were the subject of a recent interview on YouTube titled, in part, The CEO of PROTON answers YOUR questions! It’s worth watching to give you a sense of the Proton philosophy and to get a view of Proton’s thoughts on privacy.

True privacy is hard, and will cost you! Free is a good price, but you don’t get all the bells and whistles.

Latest