Most email is a privacy disaster. Gmail scans your messages for ad targeting, Outlook shares data with Microsoft’s advertising network, and Yahoo has a history of cooperating with mass surveillance. This guide compares privacy-focused providers on their encryption model, jurisdiction, and what they log.
What “Private Email” Actually Means
Privacy-focused email providers protect:
- Content at rest: Messages encrypted so the provider cannot read them
- Metadata: How much they log about who you email and when
- Legal access: What they hand over to law enforcement and under what process
No email provider protects content exchanged with Gmail or Outlook users. those servers see messages in plaintext.
Proton Mail (Switzerland)
Encryption - End-to-end encrypted storage. Messages encrypted with your public key before storage. Proton cannot read content. Proton-to-Proton messages are E2EE by default. Subject lines encrypted since 2023.
Metadata - IP addresses logged for a limited period. In the 2021 activist case, Proton provided an IP address under Swiss court order.
Jurisdiction - Switzerland. Requires court order for disclosure. Has cooperated with Europol requests when Swiss courts approved.
Tor access - protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion
IMAP Bridge:
Install Proton Bridge for standard email client access
Download from proton.me/mail/bridge
Creates local IMAP server at 127.0.0.1:1143
and SMTP at 127.0.0.1:1025
proton-bridge --cli
Tuta (Germany)
Encryption - Encrypts subject, body, and attachments using AES-128 + RSA-2048. Also encrypts calendar and contacts.
No IMAP/SMTP - Tuta does not offer IMAP/SMTP. you must use their app or webmail. This prevents handling decrypted content through third-party clients.
Jurisdiction - Germany (EU). GDPR protections apply but German courts can compel disclosure.
Key difference - Free tier with encryption. Does not support custom IMAP/SMTP access.
Fastmail (Australia)
Encryption - No E2EE. Fastmail can read your messages. Standard hosted email with a strong privacy policy but not end-to-end encrypted.
Jurisdiction - Australia (Five Eyes member). Australian authorities can compel disclosure without notifying you.
When to use - When you want reliable, ad-free email from a reputable company that doesn’t monetize your data. but don’t need encryption from the provider’s access.
Runbox (Norway)
Encryption - No E2EE by default. Supports PGP via plugins.
Jurisdiction - Norway. Not a Five Eyes member. Strong privacy culture.
Self-Hosted Options
Mail-in-a-Box - full mail server in one script
curl -s https://mailinabox.email/setup.sh | sudo bash
Stalwart - modern mail server with JMAP support
Download from stalw.art
Self-hosting gives full control but requires maintaining DNS (SPF, DKIM, DMARC) and spam filtering.
Comparison Table
| Provider | E2EE | Subject Encrypted | Jurisdiction | IMAP | Free |
|---|---|---|---|---|---|
| Proton Mail | Yes | Yes (2023+) | Switzerland | Via Bridge | Yes |
| Tuta | Yes | Yes | Germany | No | Yes |
| Fastmail | No | No | Australia | Yes | No |
| Runbox | No | No | Norway | Yes | No |
Sign Up Anonymously
Use Tor Browser to sign up
Proton and Tuta accept Monero for payment
Do not provide recovery email or phone if anonymity matters
Verify Proton .onion is reachable via Tor
torsocks curl -sI https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/ | head -3
Email Encryption - E2EE vs. Conventional
The distinction between “encrypted” email providers is critical:
End-to-End Encryption (E2EE):
- Only you and the recipient can decrypt messages
- Provider cannot read your messages
- Proton Mail and Tuta use E2EE by default
- Subject lines are encrypted (Proton added this in 2023)
- Downside: Sending to non-E2EE addresses (Gmail, Outlook) means no protection once received
Provider-Side Encryption (Not E2EE):
- Messages are encrypted in storage but provider has decryption keys
- Provider can read your messages
- Happens transparently. better for searching and archiving
- Fastmail and Runbox use this model
- Faster, simpler, but provider is a trusted party
No Encryption:
- Standard Gmail/Outlook
- Transmission is usually TLS-encrypted, but messages stored in plaintext
- Provider reads messages for ads, law enforcement, training ML models
Threat Model Matching
Choose Proton Mail if:
- You communicate with other Proton users frequently
- You send sensitive data (medical, financial, legal)
- You distrust cloud providers in principle
- You need Tor access for anonymity
- You can accept the friction of non-E2EE with outside recipients
Choose Tuta if:
- You want free E2EE with no compromises
- You don’t need IMAP/SMTP (webmail or app is fine)
- Your threat model is provider-snooping, not governmental
- You prefer German data protection law
Choose Fastmail if:
- You need reliable, fast email from a reputable source
- You trust Australasian jurisdiction
- You don’t need E2EE from the provider
- You want full IMAP/SMTP, calendar, contacts in one place
- You’re not sharing sensitive medical or legal information
Choose Runbox if:
- You want privacy without E2EE overhead
- You trust Norwegian data protection
- You need strong phishing protection and storage
- You can afford the subscription
Metadata Handling in Detail
What Email Providers Log:
| Provider | IP Address | Headers | Contacts | Login Attempts |
|---|---|---|---|---|
| Proton Mail | Limited period | No | Encrypted | Logged |
| Tuta | Not logged | No | Encrypted | Logged |
| Fastmail | For abuse prevention | No | On-device only | Logged |
| Runbox | For abuse prevention | No | On-device only | Logged |
| Gmail | Indefinitely | Full | Shared with ads | Indefinitely |
Metadata is harder to protect than content. Email headers reveal:
- Exact send/receive times
- Which mail servers processed it
- Email client software
- Message size (reveals attachment presence)
Proton encrypts Subject headers; most others don’t. Tuta encrypts headers for Tuta-to-Tuta messages only.
Legal Access Process
When law enforcement requests data:
Switzerland (Proton):
- Requires a Swiss court order
- Proton has pushed back on some requests
- 2021 activist case: Proton provided IP under court order (user was not notified until later)
Germany (Tuta):
- Requires German court order
- EU GDPR applies but German BND can request data via GDPR loopholes
- User is not notified of requests
Australia (Fastmail):
- Australian authorities can demand data under Telecommunications Act
- No notification required
- Five Eyes member. data can be shared with US/UK/Canada/NZ
Norway (Runbox):
- Requires Norwegian court order
- Not a Five Eyes member
- Stricter than Nordic neighbors
If your threat model includes governmental access, avoid Five Eyes jurisdictions (US, UK, Canada, Australia, NZ).
Testing E2EE Implementation
Verify a provider actually uses E2EE by testing with a recipient:
Create test accounts on Proton and Tuta
Send a message from Proton to Proton (E2EE)
Send a message from Proton to Gmail
Check if Gmail received encrypted content or plaintext:
In Gmail, view message source (⋮ → View message source)
If you see plaintext, Proton → Gmail is NOT E2EE
The Proton user's view shows decrypted text
The Gmail user's view shows a link to Proton to decrypt (or plaintext if Proton bridge exists)
Only E2EE between matching providers ensures both sides see encrypted content.
Proton Mail vs Tuta - Head-to-Head for 2026
Choosing between them:
Choose Proton Mail if:
- You need IMAP/SMTP for standard email clients
- You use Tor and need the .onion domain
- You want subject line encryption
- You share email frequently with other Proton users (full E2EE benefit)
- You can tolerate higher pricing (starting €4.99/month)
Choose Tuta if:
- You want free encryption with no compromises
- You exclusively use webmail or Tuta’s apps
- You’re budget-conscious
- You need contacts and calendar encryption
- You don’t need IMAP access to external clients
Both are excellent choices. The decision comes down to:
- IMAP requirement → Proton
- Maximum free tier → Tuta
- Subject encryption matters → Proton
- Contacts/calendar encryption matters → Tuta
For a one-person household - Tuta free tier is sufficient. For tech-savvy users needing flexibility: Proton Mail Plus ($4.99/month).
Testing Provider Privacy Claims
Don’t trust marketing. Verify with tests:
Test 1 - Check Proton subject encryption
Send email from Proton to Proton, view raw message source
The subject line should be unreadable (encrypted)
Test 2 - Check Tuta metadata protection
Send email from Tuta to Tuta
Wait 24 hours, request your data via Settings > Data export
You should not see IP address logs
Test 3 - Verify no cloud backup of contacts
Add a contact in your email provider
Check if that contact appears in Google Contacts, Apple Contacts
It should not (provider should not share with Apple/Google)
Migration Strategy
Moving from Gmail to privacy-focused email:
- Create new account on target provider (Proton/Tuta)
- Update important accounts. banking, SSO, password managers
- Create email forwarding rule on Gmail:
- Settings → Forwarding and POP/IMAP → Forward all emails to new address
- Keep Gmail active for 6 months to catch forgotten subscriptions
- Update contacts gradually. no rush to tell everyone your new email
- Set up subaddressing on new provider (if supported):
- Proton -
yourname+service@protonmail.comfor service-specific addresses - Tuta: Similar feature available
- Proton -
- Archive Gmail after 1 year. keep it read-only for reference
Related Reading
- Privacy-Focused Weather App Alternatives
- How to Remove Metadata from PDF Files
- Privacy Risks of QR Codes Explained
- Best Encrypted Email Providers For Privacy Compared Protonma
- AI-Powered Cloud Cost Analyzer Tools Compared
- AI Coding Assistant Session Data Lifecycle
Built by theluckystrike. More at zovo.one