David Hurst

PHP/MySQL, REALbasic, Javascript Developer

How private is your e-mail?

Interesting question this, brought to the fore recently by a client of ours. Due to a mail server upgrade and subsequent restore of an out-of-date user database, his server reverted to an initial email configuration from when we had first commissioned the server. Oh dear…

This particular configuration includes the Admin email as a BCC on accounts so that we could test full functionality before handing over to the client, at which point the BCC is removed - obviously. Long story short, I didn’t notice what had happened and some emails got delivered to my email account (mine is the admin email for the server) and my malfunctioning Exchange setup kindly delivered Read Receipts in response, despite my not actually reading the messages (in fact they ended up in my junk filter on Entourage and I never saw them until the client advised me). As a result, the client assumes that I’m snooping his email. Actually, I totally take his point and can see his side of things. All I could do was to explain the mix-up and point out that if I wanted to read his email, I could do it from the command line without him ever being aware of it - indeed any remote support agent working for any ISP would probably be capable of doing that. Of course, I would never dream of reading somebody else’s messages, but it got me thinking: how private is your email?
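The root cause described above is a mail server configuration that silently copies client mail to an admin address, and the lesson for a hosting team is that such a directive should be caught by a check rather than by a client's complaint. The following is an added example, not code from the original post or from Higher Sites: it assumes a Postfix-style configuration (the directive names `always_bcc`, `sender_bcc_maps` and `recipient_bcc_maps` are real Postfix settings, but the post never names the server software), and the config text and map file contents are constructed for the example.

```python
"""Audit a Postfix-style mail configuration for leftover BCC directives.

Assumption: the server is Postfix-like, so extra copies of mail are produced
by `always_bcc`, `sender_bcc_maps` and `recipient_bcc_maps`. The sample
config and map below are constructed for this example.
"""
import re

# Postfix directives that copy mail to an additional recipient.
BCC_DIRECTIVES = ("always_bcc", "sender_bcc_maps", "recipient_bcc_maps")


def parse_main_cf(text):
    """Parse 'key = value' lines from a main.cf-style file.

    Comments and blank lines are skipped; a line beginning with whitespace
    continues the previous value, as Postfix itself treats it."""
    settings = {}
    key = None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and key is not None:
            settings[key] += " " + raw.strip()
            continue
        m = re.match(r"^([A-Za-z0-9_]+)\s*=\s*(.*)$", raw)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip()
        settings[key] = value
    return settings


def parse_bcc_map(text):
    """Parse a hash-style lookup table: 'pattern  target@domain' per line."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            entries[parts[0]] = parts[1].strip()
    return entries


def find_bcc_leaks(settings, maps, admin_addresses):
    """Return (directive, pattern, target) tuples for every BCC rule whose
    target is one of admin_addresses. `maps` is {map_path: map_text}."""
    admin = {a.lower() for a in admin_addresses}
    findings = []
    for directive in BCC_DIRECTIVES:
        value = settings.get(directive, "")
        if not value:
            continue
        if directive == "always_bcc":
            if value.lower() in admin:
                findings.append((directive, "*", value))
            continue
        # A *_bcc_maps value may list several tables, e.g. "hash:/a, hash:/b".
        for ref in re.split(r"[,\s]+", value):
            if not ref:
                continue
            path = ref.split(":", 1)[-1]  # drop the "hash:" lookup-table type
            for pattern, target in parse_bcc_map(maps.get(path, "")).items():
                if target.lower() in admin:
                    findings.append((directive, pattern, target))
    return findings


# Constructed sample: a main.cf restored from an old backup, with the
# commissioning-time BCC table still referenced.
SAMPLE_MAIN_CF = """
# restored from backup (constructed sample)
myhostname = mail.example.invalid
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
always_bcc =
"""
SAMPLE_MAPS = {
    "/etc/postfix/recipient_bcc": """
# left over from commissioning tests (constructed sample)
client@example.invalid    admin@example.invalid
sales@example.invalid     archive@example.invalid
""",
}


def audit():
    """Run the check over the constructed sample with the admin address."""
    return find_bcc_leaks(parse_main_cf(SAMPLE_MAIN_CF), SAMPLE_MAPS,
                          ["admin@example.invalid"])


if __name__ == "__main__":
    for directive, pattern, target in audit():
        print(f"{directive}: mail for {pattern} is copied to {target}")
```

Run against the real files after any restore or upgrade, the same check flags the exact situation in the post: a client mailbox still copied to the admin address long after commissioning. Only the targets you list as admin addresses are reported, so a deliberate archive BCC is left alone.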

In a scenario like the one described above, the trust issue is not perhaps so significant. Pretty much all our hosting clients know each of the team at Higher Sites, having met us or conversed with us on the phone. In fact, until now, my integrity has never been questioned by a client and I’ve never really thought about the wider implications. In fact, we host websites with highly sensitive data and none of these clients have ever even asked about the security or access restrictions to their email, which in itself is possibly worrying. If you host your website and email with a much larger hosting company, could it be that you do not know everyone who has potential access to your email account? Indeed, if the company is large enough, could it be that the owners/managers/supervisors don’t really know whether every member of staff is trustable?

I certainly don’t mean to question the integrity of any other hosting company or any employee, but given the huge potential for identity theft presented by access to an email account, I think it’s reasonable to assume that there could be some unscrupulous individuals out there. Additionally, I don’t want to be responsible for whipping up unnecessary paranoia, so I think it’s safe to assume that in the vast majority of cases, there is no risk attached to your email.

The main problem with email snooping is that it is almost impossible to prove in court. In the case of employers looking at employee email, provided the employer has a published email policy, they can in fact monitor everything you send and receive. As a result, I would recommend that you never use a company email account for personal messages. In the case of the end user, your ISP may well have rights to view your email when server performance requires it. In fact our terms and conditions allow us to do precisely this, though they also tie us to confidentiality. Examples of this include accessing a mail account to identify and delete malformed messages that are causing email collection problems.

In all cases, if required by a court order, or law enforcement, any ISP would have to deliver up the content of personal email accounts.

Email snooping is, in the context described in my introduction, a civil issue, so even if you suspected your ISP was viewing your email, you wouldn’t get any help from law enforcement. I guess you could argue a breach of human rights, or even data protection laws, but it would take a vast sum of money to fight this in court and you would need cast-iron proof - automatically generated Read Receipts, access logs etc. would probably not suffice as they are too easy to forge. Basically, what I’m saying here is you’re much better off preventing it from happening in the first place than trying to seek damages after the fact (unless you have a penchant for wasting money, of course).
Now, if someone were to use your mailbox to commit identity theft for instance, then it would become a criminal matter. Unfortunately, again, this will be next to impossible to prove, and you will almost certainly end up liable for any fraud committed as a result (although you could argue that it will be just as impossible for any credit company to prove you did send a particular email).

It is possible now to complete credit agreements entirely online, and this all hinges on an email address. Here’s where it gets more scary though. When you register for accounts online, you often get confirmation delivered to your email box, and sometimes this includes passwords. Of course, a bank would never confirm your password in an email, but most people use the same password (or a small collection of passwords) for all their online accounts, and less secure websites will confirm these in an email. Thus, a snooper could in fact obtain huge amounts of personal data and login information by viewing your email account. Once he has a list of your commonly used passwords, it may become a simple matter to start accessing secure websites.
So, you probably have a shredder already for your papers at home, and you are careful about identity theft in this way, but how long will it be before email starts getting abused? Setting up a hosting company is very easy these days, and the majority of punters will go for the cheapest possible service. Criminals could easily get a few cheap servers online, offer very cheap or free hosting and email, and before you know it they could be helping themselves to all your personal data.

All this can be avoided by taking a few simple precautions:

  1. Choose a reliable web host with a solid reputation. Such a host will gladly supply testimonials or checkable references.
  2. Find out about the physical security of the data centre.
  3. Ask what their policy is on email passwords (for instance, Higher Sites keep no record of these).
  4. Check the terms and make sure you are covered by a confidentiality clause (all our customers are).
  5. Consider using encryption methods such as PGP to protect your most personal data.
  6. Set your email client to download and delete messages from the server - don’t use webmail.
  7. Use a complex email password - dictionary words are very common and highly insecure (likewise, ensure your PGP encryption keyphrase is suitably secure).

At Higher Sites we have recently taken the decision to vastly increase the security of our hosting by renting an entire rack in a UK data centre. Only people we specifically approve will be able to access our servers. In fact, due to the nature of some of the records we will soon be storing in our client databases, we will also be performing CRB (Criminal Records Bureau in the UK) checks on all technical staff who will access the servers. We will make this information available to anyone who asks for it. All remote access to the servers will be over an SSL connection, and there will be absolutely no FTP access to the server. Hopefully, other hosting companies will follow suit.
