Marco Arment recommends moving to FastMail to ease our email privacy woes:
I continue to recommend buying your own domain and pointing it at either your own IMAP server or a dedicated, paid, standard IMAP host. (I’ve used Fastmail for 7 years and have no complaints.)
Eighteen months ago I moved all my email hosting from Google Apps to FastMail. It was becoming clear that Google sometimes kills free services that people rely on. It seemed safer to pay a company that focuses on hosting Email, a company that isn’t distracted by building self-driving refrigerators or deep-sea Internet balloons.
I hate maintaining infrastructure, which ruled out running my own mail server. At the time, the only paid hosts with kudos seemed to be Rackspace and FastMail. Marco Arment recommended FastMail. Nobody recommended Rackspace. I chose FastMail.
Switching from Gmail to FastMail was simple, just a few DNS records to change. ((The only complication was having two domains in one FastMail account, which meant using “personality aliases”. Receiving email from several domains into a single FastMail account is easy but sending from a different personality requires some slightly obscure setup.))
Since switching there’s been no noticeable down-time. Email seems to be delivered promptly and spam filtering seems as good as Gmail.
Is switching from a free email host worth the effort? Does switching for privacy reasons make sense?
There are two big problems with Email privacy, one is identity; how do you know that only the intended people are reading your message? How do you know that the sender of an Email is who they claim to be?
The second problem is that almost all Email is sent over the open Internet in plain-text, which can be read by anybody with access to a server on the path from sender to recipient. Do you trust all of them?
Unless we start building personal trust networks (exchanging and verifying public/private keys) and encrypting our email, then we should probably give up on email privacy. When communicating in plain text over the public Internet we should assume that our messages are being read by third parties.
It doesn’t matter if we self host, pay a dedicated Email host with a simple privacy policy or use a giant advertising-supported technology company’s Email service for free. Email privacy without encryption and trusted, verified identity is an illusion.
Google and Microsoft are big companies with shareholder mouths to feed, and they make money by doing amazing things with data and selling those data to advertisers. I don’t begrudge these business models, but they complicate our provider-consumer relationship because now we’re sandwiched between the advertisers and the email host. Suddenly it’s a love triangle.
We know that advertisers pay handsomely to put their products in front of us. The free-to-use, ad-supported email host knows that the content of Emails allow them to show more relevant ads. That’s a more valuable service to both consumers and advertisers.
But complicated relationships become tiring. What used to be a simple exchange of personal data for services begins to feel creepy.
My relationship with Google reminds me of the sequence in the film Groundhog Day where Phil (Bill Murray) spends many Groundhog days learning everything he possibly can about Rita (Andy MacDowell) in an attempt to get her into bed. By the end of the sequence Phil is trying so hard to impress Rita by using what he’s learnt about her that he comes off as a phony. Instead of making him more effective at selling himself to Rita, Phil’s targeted advertising just makes their interactions feel forced and he seems increasingly desperate and creepy.
FastMail’s business model and privacy policy is simpler. My relationship with them is simpler. FastMail provide email hosting. I pay them money. They only read my email in order to prevent spam and provide a good service, so they say.
To force the Groundhog Day metaphor, my relationship with FastMail feels more like Phil and Rita at the end of the movie, when Phil gives up his incessant data collection and starts using all his time to make other people’s day as great as possible. Rita falls for him because he’s turned into this genuine, cool (freakishly talented) guy.
Can I trust FastMail with my privacy? It’s an Australian legal entity, which is harder for U.S. and U.K. intelligence services to bully. FastMail’s privacy policy says it will turn over my data to law enforcement if ordered by a federal warrant issued by an Australian judge, which is comforting, but in 2013 Telstra proved that at least one Australian company is willing to assist foreign intelligence services without a warrant.
When I emailed FastMail to ask about its history with warrants and whether it discloses requests to customers, director Richard Lovejoy replied:
We receive a very small volume of warrants, and currently I deal with them all personally. They are virtually all connected to ongoing criminal investigations, and often we are prohibited from notifying the user. In the cases that we are allowed to, I would normally send an email to the user concerned.
I can only take FastMail at its word. I’m still sending Email in plain-text and hoping that nothing I write incriminates me or lands me on some government blacklist. The main difference between FastMail and free email services is that FastMail’s entire financial success rests on people trusting it enough to continue paying for email hosting. No company that sends and receives plain-text messages on your behalf can guarantee your privacy but you have a choice. You can date the sincere nice-guy or the creepy, polyamorous show-off.