Skip navigation

Gentle January

Be Wary of Email (Like Our Readers)

Several people wrote in to suggest caution when hosting and handling email

Digital illustration of the words “Gentle January” over a field of pixelated flowers; in the right-hand corner there is the number “20” placed on a stack of post-its
Gabriel Hongsdusit

The Gentle January series shares one practical privacy tip a day from a Markup staffer who actually uses the advice in their own life.

It’s somehow taken until the end of Gentle January to talk about email. Your email is a critical chokepoint for sensitive communications—commonly used to reset account passwords, to document purchases you’ve made, to remind you of appointments, and to verify your identity.

The old fashioned among us, like me, still even use it to talk to friends and family.

So it should not come as a surprise that email has been a major theme of the privacy tips readers have generously been providing to us all month via… email, of course.

Many correspondents worried about their emails being electronically examined, like Philip (who gave us permission to include his last name):

My suggestion: It’s worth paying a few dollars to utilize an email / VPN provider who doesn’t scan or sell your email related data.

I think you can guess which one I chose 🙂


Philip Mason
Sent from ProtonMail, encrypted email based in Switzerland.

The company best known for scanning email is Google, which supported its free email service Gmail by automatically scanning mail to target users with personalized ads. Google stopped this practice in 2017 but continued to scan email for other purposes, such as hiding spam and providing features like Smart Reply, inbox tabs, and features in other Google products like Google Maps—unless users opted out. The company also faced (and responded to) controversy over Gmail data shared to third-party apps selected by users.

Philip wasn’t the only reader to mention ProtonMail, a service whose privacy features have been touted by Consumer Reports and others. Reader Gert included among a list of tips, “Don’t use gmail, I use Proton mail.” Another correspondent, Annie, also touted ProtonMail as an alternative to big tech, concluding: “Free is good, paid is better, but it’s all way better than Google.” 

↩︎ link

Two other readers raised an important point: How you personally interact with email can be as—or more—important to your security than who receives it for you. One who wanted simply to be known as Anonymous wrote:

I never click on links in emails unless it’s specifically to confirm something, such as a password change, or verify a new account. I do not load images in email by default.

Corporations now routinely abuse email. Email was designed for communication (two-way). Corporations now use it for broadcasting (one-way). And it’s used with tracking links, mainly for marketing.

Another reader, RobD, echoed this advice, writing, “never click on any link in a strange email or text message.”

The risks from clicking the wrong links in the wrong emails are well documented, and experts routinely advise people to be wary of clicking on anything in an unexpected email, as Anonymous and RobD suggest. Turning off image loading in email, meanwhile, can help thwart various forms of tracking.

↩︎ link

Thanks for Reading!

This brings us to the end of January—and with it, Gentle January comes to a close. Thank you to everyone for reading and to those who mailed in ideas. We hope you enjoyed the posts as a gentle way into the new year and discovered privacy tips that will help you in the rest of 2024 and beyond. If you missed any installments in this series, you can visit our new compilation page here. Stay safe!

We don't only investigate technology. We instigate change.

Your donations power our award-winning reporting and our tools. Together we can do more. Give now.

Donate Now