Private Communication: Choosing the Most Secure Email Service
Email is slowly losing its popularity as a primary means of communication, but it’s still essential in today’s world. Many accounts are tied to your email, and sensitive information often lands in your inbox, making email theft or leaks extremely unpleasant. Traditional providers don’t offer a high level of security or privacy, so today we’ll discuss specialized secure email services.
What Sets Secure Email Services Apart?
The main difference is end-to-end encryption and, ideally, some guarantees against surveillance. Even when the content is encrypted, the metadata is not: the sender, the recipient, the time a message was sent and, for most services, the subject line remain visible to the provider, and that alone can reveal a lot. Unfortunately, we can only review what the service creators promise; we cannot verify those claims directly. Sometimes you have to rely on indirect signs, which we break down below.
Selection Criteria
Our main criteria are open-source code, the reputation of the country where the service is based, and, of course, the presence and quality of data encryption.
Open Source Code
By open source, I mean both the client software and the server backend. Open-source software is much easier to audit, which makes it more trustworthy from a security standpoint: anyone can analyze the code for vulnerabilities, backdoors, or other security issues. This reduces (though does not eliminate) the risk of hidden data collection or malicious components, and an active developer community helps fix bugs quickly. One caveat applies to web clients in particular: open code only helps if the code you actually run is the code that was published, and a browser downloads a fresh JavaScript bundle from the provider on every visit, so you are still trusting the server unless you use a locally installed app whose build you can reproduce from the published source.
Jurisdiction
The country where the service is registered is crucial for data protection. Different countries have different laws regarding privacy, surveillance, and data access. For example, services operating in the “14 Eyes” alliance countries may be required to hand over user data to government agencies. Note that this cuts across the usual recommendations: Switzerland is outside the alliance, but Germany, Belgium, and Sweden are Fourteen Eyes members and Norway is in the Nine Eyes subset, so “European” is not the same as “outside the surveillance alliances.” Prefer countries with strong data protection laws and a high respect for privacy, such as Switzerland, and treat Sweden or Germany as a compromise rather than a guarantee. Always read the privacy policy and terms of service carefully; these documents reveal a lot. In this review, I avoided countries with analogs of the NSL (National Security Letter) and gag order, which are widely used in the US.
Encryption
Encryption is the foundation of data security in modern online services, but “encrypted” on a marketing page can mean three different things. Transport encryption (TLS) between you and the server is universal and protects nothing from the provider. Encryption at rest matters only if the key is derived from your password and never held by the provider. End-to-end encryption means the message is encrypted on your device and only the recipient can decrypt it. When choosing a service, check which of these it actually provides: whether stored emails are encrypted with a key the provider cannot access, whether mail between two users of the service is end-to-end encrypted, and whether you can send an encrypted message to an external mailbox.
In my opinion, these are the main criteria, but there are a few more points worth considering: the ability to create an email account without a phone number or other personal data, and the option to pay for the service with cryptocurrency (or use a free plan). I’ll include these in the review criteria as well.
This review does not include email services that require user de-anonymization: if they require a phone number, don’t offer a free plan, or don’t accept cryptocurrency payments.
Top Secure Email Services
ProtonMail
- Website: proton.me
- Accepts Crypto: Yes
- Anonymous Registration: Partially (only email required)
- Jurisdiction: Switzerland
Probably the most popular service in this review, and for good reason: it is based in Switzerland, was founded by scientists who met at CERN, and positions itself as one of the most secure email services in the world. The frontend code is open, including the cryptographic components; the server backend is not. Proton also runs an onion service for access over Tor. They regularly publish a transparency report and a warrant canary with information about law enforcement data requests. Some may wonder why they comply with such requests at all if they care about privacy, but any legal entity in Switzerland must follow Swiss law. At least they publish reports about it.
Emails are stored encrypted on ProtonMail’s servers. If both correspondents use ProtonMail, messages are end-to-end encrypted and decrypted only by the recipient. Note that, as with OpenPGP in general, the subject line and the message headers are not end-to-end encrypted. You can send encrypted emails to non-ProtonMail users: the recipient gets an email with a link to the Proton server, where they are prompted to enter a password, which you need to share via another channel, as with any shared-secret scheme. Another plus: you can pay for the service with cryptocurrency if the free plan isn’t enough.
ProtonMail has many advantages, but also some drawbacks. For example, it was initially positioned as being hosted only in Switzerland, but the privacy policy states that servers are located in both Switzerland and Germany. Registration requires an email address for account recovery. This isn’t a big issue, but it would be great if no data were required at all for registration.
Tuta
- Website: tuta.com
- Accepts Crypto: Yes (partially)
- Anonymous Registration: Yes
- Jurisdiction: Germany
This is a secure email service from Germany—Tutanota (now rebranded as Tuta). It’s a solid candidate: they provide a transparency report, all stored correspondence is encrypted, and the client apps are open source. Like ProtonMail, you can send encrypted emails to external addresses—the recipient will need to enter a password to decrypt the message via a link.
Cons: a backdoor was installed by court order in Germany. The company claims that emails encrypted before the backdoor was implemented cannot be decrypted, and that it does not affect end-to-end encrypted emails (which only works if both parties use Tuta). What it does expose is mail arriving from external senders: those messages reach Tuta’s servers in cleartext and can be read through the backdoor before Tuta encrypts them at rest.
Another minor downside: they don’t accept direct crypto payments, but you can buy gift cards with crypto and use those to pay for email (as suggested by the company). There’s also a free plan. However, according to their privacy policy, all payment data is collected, as are any personal details you provide (see their terms of service). The good news: you don’t have to provide any data to register and can remain anonymous.
Mailfence
- Website: mailfence.com
- Accepts Crypto: No
- Anonymous Registration: Partially (only email required)
- Jurisdiction: Belgium
The company is based in Belgium, as are all its servers. Both free and paid plans are available. You can enable encrypted correspondence using either OpenPGP or password-based encryption. In the latter case, the recipient gets an email with a link to the Mailfence server and is prompted to enter a password, which you must share separately. With OpenPGP, you generate your own key pair in the built-in keystore and import each correspondent’s public key; the password option needs no keys but leaks the subject and headers just the same. Other positives: the service publishes transparency reports and a warrant canary.
Cons: the official site mentions crypto payments, but in reality they are not accepted (confirmed by support), though a free plan is available. The source code is closed. Their privacy policy states that the company collects and stores IP addresses, payment data, and lots of other information. Also concerning is the phrase: “incoming and outgoing messages are automatically analyzed by our procedures for spam, viruses, and abuse.” That is an interesting claim for a company promising full privacy, and a telling one: a server can only scan content it can read, so ordinary mail is evidently stored in a form the provider can access. Registration requires an external email address to receive an activation code and complete the process.
Runbox
- Website: runbox.com
- Accepts Crypto: Yes
- Anonymous Registration: Partially (only email required)
- Jurisdiction: Norway
This service’s website tries hard to convince users of its strong security and commitment to user data protection. Let’s see how it holds up in reality.
On the plus side: you can pay for email with cryptocurrency! But that’s about it for the positives.
Registration requires an external email address, and if you don’t activate your account via the link sent there, you can’t send any emails: “Error: Please subscribe or validate your alternative email address to send email from your account.” There’s no free plan, only a seven-day trial. Another concern: their privacy policy states that “to protect against viruses and spam, incoming and outgoing emails may be automatically scanned. Additionally, automatic indexing of email content occurs to provide search capabilities.” So much for privacy!
Indexing message content for search means the emails are not stored in a form the provider cannot read, though the service recommends using OpenPGP yourself. Presumably so the developers of this “fully private” service can’t read your emails!
In short, this is a great example of a service where the marketing promises of privacy and security don’t match the reality described in the terms of service.
Conclusion
Not long ago, we reviewed secure messengers and found that there aren’t many worthy candidates. The situation with secure email services is even worse—of all the contenders, only ProtonMail is more or less acceptable, with Tuta in second place (if you can overlook the backdoor). The rest are disappointing: their security seems to exist only in marketing banners, not in the reality described in their user agreements.
Of course, you can always use public-key encryption such as OpenPGP yourself for important correspondence, but that requires every recipient to manage keys, which is not always possible. Privacy is in a bad state: most services don’t offer free plans, don’t accept cryptocurrency, and force users to pay via bank transfers or payment services with KYC procedures, which eliminates anonymity completely.