Update 2019: I’ve been using ProtonMail for a while now and it’s brilliant. I’m leaving this post online, but times have changed and I definitely recommend ProtonMail as the best privacy-focused hosted email solution I’ve found.
ProtonMail finally went public today. They promise secure storage and handling of email, and who wouldn’t want that? Anybody who’s looking for some added privacy in light of all the big brother news of recent years would obviously be excited about a system that guarantees email privacy. So I went and signed up and checked it out. While there’s a free account tier, they start pushing for paid upgrades right from the start, so I ended up thinking about the possibility of moving my email domain there. Email is about sending and receiving, obviously. With the idea in mind that I don’t want others to read my email, I considered both sides of the story.
First, receiving email. Of course the obvious problem here is that I don’t know anybody right now who also uses ProtonMail, so the mail I receive will be sent by others who use traditional systems. This renders my received email insecure in any case — messages might have been intercepted before they came to me, and they will be stored in somebody’s Sent Mail folder somewhere, readily available to anybody who’s a good enough hacker or has some perceived legal right to access the information. So much about receiving.
Sending is a different thing, and ProtonMail actually does a cool thing here by enabling me to send encrypted messages to recipients who don’t use ProtonMail themselves. The implementation is quite nice and presumably even secure, it delivers a message to the recipient that incorporates a link, and by going there and entering a pre-arranged password, they can see the message I sent. By default, this message has a limited lifetime and self-destructs at a later point.
Problem is, I don’t see myself doing this much in reality, for various reasons. For a start, I hate it myself when I receive emails that don’t follow some basic email rules. Some people, like my lawyer, like to attach stuff to emails — they don’t put their content in the body and use the attachment instead. A pita if you have to constantly bring up a secondary document to read the actual content. Hard to work with when replying or quoting. Other people don’t use proper subjects, for instance because they’re using some fancy document management system on their end. Again, hate it, because I can’t readily see what the email is about when the subject says something funny like “Document 974/WXF/Blarg”. Of course, sending messages with links instead of content is also bad because it means the other party can’t archive the email themselves, find it later, etc. Perhaps it is a bit of a push so there’s a chance the other party would also install ProtonMail, but this is not something I really want in either my normal private communications with friends and family, nor in my business communication with clients or partners.
Taking this thought further: if I’m only going to be using the feature on occasions where I seriously want privacy in spite of the points above, this might create suspicion in itself if somebody should be watching me. Sure, sending email in a safe way should be a thing everybody’s interested in, the norm instead of the exception. But in reality it’s not, and I’ll have to assume that people think I’m explicitly hiding something if I utilize special mechanisms for some of my emails.
Finally, by making a move to ProtonMail, I’d have to use their system and their client exclusively for my email. It’s a nice client, but it’s not great. It confused me immediately in simple aspects like the lack of support for keyboard bindings (tried C for Compose, Shift-Tab to navigate backwards in the compose window — both don’t work). The maximum mailbox size is 20GB even if I pay a lot of money — my current mail archive is twice that size. The client doesn’t seem to support follow-up archiving of email, or filtering or auto-labelling rules, let alone the kind of clever auto-categorizing of email I’m used to in Google Inbox by now. It does have a spam filter, but whether that lives up to Google capabilities (which I like a lot) I’d have to test in lots of detail.
So, is this kind of thing the future? I don’t think so at this time. I appreciate that somebody needs to make a first step if we’re ever going to have a future that is more private than what we have now, but at the moment I’m not sure I’m willing to make this step. Well done, ProtonMail, for what you’ve created! I think the system is great! I wish it was more applicable to everyday requirements!