Combat Mass Surveillance by Obscuring Your Email Communication
You are reading this post, so you already know mass surveillance is a big thing that happens all the time. I want to make it clear, that this post will not stop the surveillance from happening, but will hopefully deter anyone from wanting to read your private and important emails.
The number one tip is one you are probably aware of, and that is use encryption where possible. There are encrypted email providers out there, the most well known one is ProtonMail based in Switzerland, but even if you use one of these providers, you are still at risk through mass surveillance.
I don’t want to reach out just to those who use an encrypted email provider, I want to speak to everyone who uses email for anything they regard as important or private. The tips I mention later in this blog post are geared towards anyone and any email provider.
Regardless of what provider you are with, the one major part of emails, that is crucial for the email system to function, is one that MUST NOT BE ENCRYPTED.
I am talking about the one thing a lot of people don’t pay much attention to, but will reveal a lot of information about your emails to anyone who has access, the METADATA!
What is metadata when it comes to emails?
This is the FROM, the TO, the CC, the BCC, the DATE and TIME, and the SUBJECT that is all part of every email.
From the view of the Inbox alone, the FROM, DATE and TIME, and SUBJECT are all visible. Just take a look at your own list of emails as they appear in your inbox or other folders.
If I had access to your emails, without reading any email in particular, I can see
WHO: The person or people you talk to, or companies and/or websites you interact with.
SUBJECT: What the conversation or email is about, and can often reveal a lot.
DATE and TIME: When you talk to these people, which can be used to learn your behavioural patterns.
Never mind what the actual content of the email contains, what I can see in the list alone tells me so much about you and about your emails.
If I see a lot of emails from the likes of Amazon and eBay, I know you like good deals, so if I’m selling something, I need to make it sound really good for the price, or keep it as low as I can.
If I see emails from big brand names, I know you don’t care about price, its more about image and the brand name, and it also tells me you have a lot of money and like to spend it. From this I know to offer you something expensive and to make sure the name behind it sounds and looks incredible.
You may not be too worried about me learning about your expenditure, but what if I found an email from some model or dating site with the subject my pictures for you sent in the early hours of the morning, I will learn you use dating sites or other adult sites, and I may be interested in viewing these pictures that you may have paid for, that I would get for free. It also tells me you are active at this time, so may have a better chance of grabbing your attention, and since its very early in the morning or very late at night, you are likely tired and therefore your reasoning may be impaired, so trying to sway you into buying something or doing something may be easier at ths time.
Worse off, and yes people do sometimes use email for this, communications from your lover with some saucy story about what to expect when you get home tonight. Perhaps with an added image attachment. Would you want me to see this? This would probably be classed as an email for YOUR EYES ONLY.
Unless your emails are encrypted, then I can read the entire contents of those emails, if the METADATA makes it sound interesting enough.
The goal now is to make the METADATA as boring and uninteresting as possible through obscuration to where anyone looking over the list of emails will be less inclined to read the contents. Unfortunately, this can really only be done with emails written directly to you by a human. Automated emails from websites and general mess communications may not be possible to obscure.
Today at 12:30pm
Your order of SOMETHING
Today at 12:00pm
As you can see, the couple of emails in the above example both seem rather interesting, the one from the online shop will be a generic automated email, so it is up to the online shop to obscure that, however, the email from Brian regarding Weekend Plans, is something that can be changed. Lets see how.
Brian needs to change his name to something random and boring. Let’s use Captain Jack as his new name. The subject doesn’t reveal a lot, but it does suggest something interesting could be inside. Let’s change this to Roleplay Aboard the USS Jackson, which should hopefully seem like its an email just for fun and doesn’t contain anything important or private.
Roleplay Aboard the USS Jackson
Today at 12:30pm
Your order #12345
Today at 12:00pm
This now looks much better. It is now much harder for anyone to target any particular email and would effectively learn much less from you, and hopefully get bored before they get to anything they can use against you.
Hopefully this blog post has helped bring an understanding with the subject of email privacy to more people and that it has helped you be more private. Please give me your feedback via email to [email protected] or via any other method you have me on. Thank you so much for reading.