For as long as I remember intrusive family members trying to snoop at what I was doing on the computer, I’ve always cared about privacy. If you’re reading this you probably do too. But there is an area of privacy that’s not talked about much. Despite all the NordVPN ads talking about providers selling your data, very few people actually stop to think about how to stop all their personal info being all over the place. One of the biggest ways it all gets connected to gether is your email.
Think about it. Your email is your login for every account. It is effectively an identifier. Any data broker can easily associate data related to this email, back to you.
This is why it’s a good idea to try to use different email addresses for all online accounts, and to make it hard to connect your email addresses to each other. Feel free to jump to the setup if you want to skip the why and just follow the recommendation.
So let’s say you register an account on a website but avoid using your name for privacy. It doesn’t matter, because if they’ve sold your data, and your email is in there, it’s trivial to find out who you are. Many people know to use a password manager like Bitwarden to generate unique passwords for every site, but few people think about their email address.
Why do I care?
Your email address leaking isn’t as bad as your passwords leaking, but it is still a problem. Let me give you some examples:
- A website you register on gets hacked and leaks their database. You used fake contact details, but used your same lazy email you use everywhere. It’s quite likely that there is at least one other data set out there that has that email linked to your name. Now it is possible to find out that you are using this website, even though you didn’t want to.
- Spam: If you use the same one or two email addresses everywhere, they will inevitably end up on lists that are sold to spammers. You will get spammed.
- Tracking: Companies tracking you for advertising purposes can much more easily gather data on you. This also applies to surveillance, or things like credit score, insurance etc. You’d be surprised at how advanced the tools companies use to gather data about people are these days. By refusing to make it easy for companies and agencies to collect all this data about people, you are effectively lowering their power.
- Doxxing, stalking, invasive behaviour: It’s not just companies who can find data about you. If you’re someone at risk of being targeted by stalkers or doxxers, then you want to lower as much as possible what they can find out about you.
For a more personal example, since I transitioned, tons of data brokers have somehow associated my deadname with my email. It has been near-impossible to fix, and I have received many job offers from recruiters using my deadname while emailing an email with my new name. Those people obviously bought my data from a data broker doing bad data matching.
My setup
Getting to the point, here is what I recommend if you want to keep your email private. As a disclaimer, I am not a security expert. This is just what I found works from lots of research, and it’s also a setup I’ve been using and that I believe is reasonable for people to run with. If your personal threat model is particularly extreme, then you might need more qualified advice.
Tools
- Protonmail or another privacy focused email provider
- Simplelogin This website/tool allows you to easily create email aliases for each account you create. They have browser and phone extensions which make it easy to use
Email addresses
We want to have at least 2 base email addresses, and potentially two domains. How far you go depends on tradeoffs you’re willing to make between privacy, cost, simplicity, and ownership of your email.
- Main email address: This is your actual email address that people would have in their contact, and that you’d use for official accounts. You ideally want to give this to as little as possible. Ideally on your own domain so that you can change providers without having to change your email address.
- Secondary email address: This is the email address that you use for everything else. It is more likely to leak, even with the tools we will use. I also recommend it’s on your own domain.
To domain or not to domain
Buying a domain name for your email is a tradeoff between privacy and control. If you buy a domain name, then you can change email provider in the future while keeping your address. If you don’t, then you will have to manually go over and change all your accounts one by one if you ever want to change email provider.
This also applies to the way you use simplelogin. Simplelogin can create email aliases for you without a custom domain, but those email addresses will be controlled by Simplelogin. You can use a custom domain with Simplelogin, but by doing so you are less private. Someone collecting data about you could find out that a single person uses this domain via simplelogin, and then any emails leaking from that domain would be associated with you. This is still a lot more private than just using the same email everywhere.
But if Simplelogin goes under, or has a privacy scandal, you’ll be glad to control the actual email addresses as migrating away from that service would be easy. The tradeoff is really up to you here.
Another small detail worth thinking about is that some websites will block Simplelogin, or might refuse sending emails to it. It is possible that an account you have on a website could end up in a bugged account if they let you register but their system later blocks the domain. This is one reason why I only use SimpleLogin aliases for accounts that are not irreplaceable.
In my case I chose the following:
- I own my main email address on one domain
- I have a secondary domain I don’t care about which is purely for use as a SimpleLogin domain. This domain has nothing identifiable in its name.
- I also use SimpleLogin aliases not on my domain for accounts that I don’t care about potentially losing
The full setup
- Start by dropping gmail
- If possible, own your main email. That is to say, buy a domain name (for example from OVH).
- Use an email provider that cares about privacy, lets you use custom domains, and ideally also encrypts. Protonmail is the usual recommendation, and they have other tools for privacy.
- Setup your domain name with your new email provider and create yourself a “main” email. This involves setting up DNS zones on your domain, and is a lot easier than it sounds. Most providers have easy to follow instructions for this
Let’s say you have bought mydomain.com for your serious contact email and unidentifiabledomain.com for your other emails. It is important that the second domain doesn’t have your name in it, as it could potentially leak. You will want the following:
- If your current email is already in a lot of datasets (you can tell easily from the spam you get really), consider creating a new main email address. This is a good occasion to get your own domain. I will assume you have your own domain from now on, but if you don’t you can still do most of this. At the very least, if you care about your privacy, try to leave gmail and use a more privacy focused email.
me@mydomain.com: whatever address you want as your true real main email. Only the most important accounts should have that, and even then you might want to connect this domain to simplelogin and create aliases (for examplebank@mydomain.com,taxes@mydomain.com,me@mydomain.com). This is the email you want to use with accounts that you can’t lose, and where you want to make sure customer support doesn’t think you’re using weird throwaway emails.me@unidentifiabledomain.com: This is a catch-all on your secondary custom domain. Useful as a generic throwaway when you don’t want to use an atlas, or can’t, or just want to make sure you can receive any emails to this domainmailbox.unidentifiabledomain.com: This is a subdomain of your domain for non-important accounts. This is what we will setup in SimpleLogin as our custom domain.[alias]@mailbox.unidentifiabledomain.com: Those are the aliases generated by SimpleLogin which will be the apparent email for most of your random accounts. Say,onlinegame@mailbox.unidentifiabledomain.com[alias].[someString]@simplelogin.com: Those are aliases which don’t use your domain. You can use this instead of your domain for accounts where you don’t care about not permanently controlling the email, and where you may want extra privacy in case of email leaks, to not leak your domain.
In SimpleLogin, you can add your custom domain, and set it up to send the emails either to me@unidentifiabledomain.com, or to your actual main email. Up to you.
How to do the switch
It’s a bit of work. But you can do it little by little. Do the following first:
- If you don’t have the time/energy to buy and setup domains or can’t afford it right now, at least start by using a privacy focused email provider like Protonmail.
- Create a Simplelogin account and install its browser extension on your browser, and its app on your phone. Simplelogin has a keyboard for iPhones which lets you very quickly generate email addresses, and the browser extension generates an alias for the website you’re on in one click
- Now that you have the bare minimum, make it a rule to always use simplelogin aliases for new accounts (or your proper non-gmail email for serious accounts).
- As soon as you can, buy and setup domains as explained above, if you do want to own your email addresses.
Don’t stress too much about updating accounts. It’s easy to procrastinate and fall back to the easy solution. Focus on what you can do now (using it on new accounts), and work on the older accounts over time. Doing something is better than nothing, and perfect is the enemy of good. Especially when we’re talking security and privacy.
You can use your password manager as a way to find accounts to update if you have one. If not, another way is to look through your emails to find accounts you use. Start with the most important ones or the ones you don’t want to have exposed.
Maybe you’ll want to do big batches of updating emails every now and then, or maybe set yourself a task to do a few every week. Up to you.
