Quote:
Originally Posted by gardenweed
What are your/peoples thoughts on the current best alternative email providers given the implication of these changes in Australian law?
|
As a person living in the US who cares very deeply about privacy and freedom of speech as fundamental human rights, I am not in a great position for getting the kind of service I really want. It wasn't that long ago that even in the US, McCarthyism took over like wildfire and plenty of people with power would have LOVED laws like what was just passed in Australia. Can you imagine that today? Oh, but wait a second... living in the post-911 and post-Snowden era, especially with the political climate we have now, we're literally only a McCarthy away from another national witch hunt. We really are an example to the world -- really brilliant over here in the US, aren't we? We've set ourselves up quite nicely for another national tragedy and continue to refuse to learn the lessons of even recent history. Just look at the social media manipulations of election politics alone. (i.e. look at the Cambridge-Analytica scandal.) Why do we not learn?
I think there are just a handful of approaches to privacy in this situation, and I'm not sure which one I'll apply to FastMail in light of the new law (and the apparent/potential direction of the laws), and also FastMail's inadequate (IMO) response. Maybe if we're lucky, they'll reverse course... but I don't see solid evidence of that. I see this law as a little gateway experiment in a way by the Five Eyes countries to see how far they can push things. And I certainly don't see enough outrage in Australia to reverse course. Welcome to the new normal IMO. Folks, it's a very slippery slope...
So here are the approaches I'm considering:
1) Privacy by anonymity -- I may just pull FastMail's email back to mega US providers that allow somewhat of a semblance of privacy due to their massive size. There's something to be said about getting lost in the noise, I hate to say. I have heavily used various paid business email accounts at Microsoft and Google (enterprise Office 365 and paid G Suite accounts), so I might just fold my FastMail email into one of those services with another paid account. US corporate liability standards and better EULAs/SLAs add another layer of accountability to those services, which IMO provides a slight improvement in terms of protection.
2) Privacy by US-based security-oriented service with extra hoops to jump through -- I may sign up for Luxsci again, which although very small, they have a decent security focus, and they have HIPAA compliant services, which is one more hoop anyone has to jump through... which is a slight improvement in terms of protection. Plus they have vastly superior customer support compared to FastMail. Downside they are more expensive.
3) Privacy by jurisdiction -- I might move more mail over to services located in jurisdictions that have far superior laws. Right now I already have an account at Runbox, which has a better jurisdiction than FastMail by far, and I've also been looking at ProtonMail as an option, and a while ago I was looking at what is now called Kolab Now. The problem with these kinds of providers is that by default their servers are associated with the perception that their services are for people who specifically seek privacy, and that carries its own marker TBH. You're basically advertising that you want privacy when you use those services. Runbox to a lesser extend BTW, since it existed prior to the whole privacy mess we live in now. My main problem with Runbox, though, is that I can never escape the feeling that they are going to disappear on me... or get crushed by some attack or philosophical change in the legal winds that blow in Norway, although they keep hanging in there. Who knows? Runbox is the little provider that keeps going and going... and the folks there are really nice, and I like what they are trying to do.
4) Privacy by changing usage patterns -- I might just stick with FastMail and simply change my email patterns and only run less personal stuff through it. After all, if you remove all the jurisdiction and Five Eyes issues, FastMail is actually a very good service -- good interface, good features, good uptime... It will be hard to say goodbye to FastMail entirely. I just don't consider it in the category of privacy-oriented services at this point... it was always borderline before, but now I have to demote it a notch.
5) Privacy by spreading it around -- so the last approach I'm personally willing to take, which is more or less the way I've been doing it -- is by spreading things around to a bunch of providers. It's a hassle of course, but it creates little firewalls between pieces of my content.
6) Privacy by self-managed encryption -- of course I have to mention there is the hard-core encryption approach, and this would obviously solve many of the issues. However, once again, you are advertising that you want privacy, but more significantly, you are introducing a whole new layer of hassle. I have yet to find a service or workflow that didn't get in the way of basic smooth communication, and I've never been able to make it work for normal life. Alas, I have had to admit to myself that I actually need to find a balance that includes simplicity and convenience to some degree too. And so this approach is not really going to work for me until someone comes up with a really great way to do it. And honestly, at that point, you are only as safe as your weakest link... but that's a different discussion.
So I'm still not sure what I will do, and I don't mean to sound pessimistic... but well, I am now pessimistic when it comes to these issues and FastMail.
