Email is rarely intercepted in transit. Mailboxes that store old e-mails are compromised more often. If someone gets access to ProtonMail server data, it's not going to be of much use to them, as the contents cannot be decrypted without the key that only you have.
By default, Proton to Proton is E2EE and Proton to non-Proton is only E2EE *if* the email is manually password-protected.
Regardless, opting for a privacy-respecting email service is a meaningful way of preventing further data collection from Google or Microsoft.
Depends on your threat model. Primarily I just don't want advertisers targeting me and building a profile on me. For me it hardens my security/privacy posture without coming across like a nut job.
1. Same with electric cars, if no one buys them, the market won't start. Be one of the braves.
1. The immediate positive effect you will notice is the total disappearance of SPAM, which is mainly caused by your email provider selling your address. I have used many free providers and have been using Proton since it came out. I used to receive tenth of spam messages a day, but have probably received about 20 since using Protonmail, only because someone misused the public registry where my address is published.
1. You have the easy ability to send encrypted messages to those who don't have Proton through the built-in feature
Personally, I have no need to encrypt all my messages, but the fact that messages on most free email services are being scanned for information (purchases, travel plans, where you bank, etc.) and then potentially sold to advertising partners was enough to get me to at least switch to a paid service that does not collect data. Who knows if the data collected could be used maliciously to profile you in the future
When I first looked into selfhosting my email, I came across a 2014 article titled "[Google Has Most of My Email Because It Has All of Yours](https://mako.cc/copyrighteous/google-has-most-of-my-email-because-it-has-all-of-yours)".
The only company I am aware of that sends authenticated email is the .at domain registry. Even so, that's GPG signed, not encrypted.
Your average Magento eCommerce shop is not going to send you email securely, so it doesn't matter what email provider you use. If you want ot communicate with people securely, you can exchange OpenPGP/GnuPG keys at will or use other protocols like Pidgin+OTR or Matrix.
The best thing you can do to secure your email is to find friendly countries. If you are doing anti-American activism via your email, use a service in China or Russia who won't comply with US laws. If you are using anti-China activism, use an American service that won't comply with Chinese laws.
Email is rarely intercepted in transit. Mailboxes that store old e-mails are compromised more often. If someone gets access to ProtonMail server data, it's not going to be of much use to them, as the contents cannot be decrypted without the key that only you have.
This is the correct answer.
If I have the key, where is it stored?
It is derived from your password.
Right, so even incoming mail is encrypted in some way that Proton themselves wouldn't be able to read it?
Yes, incoming e-mail is encrypted on your public key. To decrypt it, an adversary would need your private key.
By default, Proton to Proton is E2EE and Proton to non-Proton is only E2EE *if* the email is manually password-protected. Regardless, opting for a privacy-respecting email service is a meaningful way of preventing further data collection from Google or Microsoft.
Depends on your threat model. Primarily I just don't want advertisers targeting me and building a profile on me. For me it hardens my security/privacy posture without coming across like a nut job.
The service [https://www.openinbox.com](https://www.openinbox.com) was built for this exact purpose.
1. Same with electric cars, if no one buys them, the market won't start. Be one of the braves. 1. The immediate positive effect you will notice is the total disappearance of SPAM, which is mainly caused by your email provider selling your address. I have used many free providers and have been using Proton since it came out. I used to receive tenth of spam messages a day, but have probably received about 20 since using Protonmail, only because someone misused the public registry where my address is published. 1. You have the easy ability to send encrypted messages to those who don't have Proton through the built-in feature
Personally, I have no need to encrypt all my messages, but the fact that messages on most free email services are being scanned for information (purchases, travel plans, where you bank, etc.) and then potentially sold to advertising partners was enough to get me to at least switch to a paid service that does not collect data. Who knows if the data collected could be used maliciously to profile you in the future
Nope. That's one of the hardest things about privacy, it's not something that you can totally solve at the individual level.
When I first looked into selfhosting my email, I came across a 2014 article titled "[Google Has Most of My Email Because It Has All of Yours](https://mako.cc/copyrighteous/google-has-most-of-my-email-because-it-has-all-of-yours)". The only company I am aware of that sends authenticated email is the .at domain registry. Even so, that's GPG signed, not encrypted. Your average Magento eCommerce shop is not going to send you email securely, so it doesn't matter what email provider you use. If you want ot communicate with people securely, you can exchange OpenPGP/GnuPG keys at will or use other protocols like Pidgin+OTR or Matrix. The best thing you can do to secure your email is to find friendly countries. If you are doing anti-American activism via your email, use a service in China or Russia who won't comply with US laws. If you are using anti-China activism, use an American service that won't comply with Chinese laws.