User data security, privacy and anonymity
User security, privacy and anonymity are three related concepts that overlap. In this blogpost, we will try to explain how Mailfence relates to each of them.
What is security, privacy and anonymity in laymen terms
In laymen terms, definitions could be:
- Privacy: Be able to fully control and manage one’s personal information or actions. In other words, ‘they’ can see who you are, but not what you do.
- Anonymity: Be able to become fully unrecognizable in one’s data or actions. In short, ‘they’ can see what you do, but not who you are.
- Security: Safeguards from threats, risks and danger. You are safe regardless of the fact that ‘they’ can see who you are, or what you do.
Mailfence and user data security, privacy and anonymity?
Below is a general visualization using a mind map. We will explain more in detail on how Mailfence relates to user data security, privacy and anonymity.
Mailfence and user data privacy
Based on our design philosophy, the privacy of user data is of the utmost importance to us. There are various ways in which Mailfence strives to protect user’s data privacy.
- Minimalistic approach: Our basic principle is we try to keep as little data as possible. Starting from the registration, we only ask your a first/last name. It doesn’t have to be your actual name – and that is only used for your display name. You can change it at any time. During registration we also request a username and an account recovery address (which could be an alias or a disposable address for privacy sake). Users are always encouraged to follow a minimalist approach on other in-application data points as well.
- No covert play: We use no tracking cookies, no browser fingerprinting and provide no secret access to third-parties. There are no ads, solicitations and during more than 17 years of operation of our company we have never commercialized our databases.
- Locally hosted: We host all of your data locally, under strict Belgian privacy and data retention laws. Only a court order from a Belgian judge can force us to release information.
- Third-party trackers: We filter out third-party trackers in all incoming messages to your account. Moreover, we also keep an eye on the evolving tactics of tracking users via emails, and improve our protections accordingly.
- Protecting your location data: We strip your device IP address from all of the outgoing email headers. This greatly helps in preventing malicious actors to geo-map your location.
- Other measures: We do have several other measures in place as well, e.g., strict in-house data access controls and retention policies, use of zero-knowledge frameworks, etc.
Mailfence and identity anonymity
Identity anonymity is important when thinking of online user data. At Mailfence we take into account several scenarios where anonymity layers are desired e.g., journalists, privacy activists, political dissidents, etc.
- Using Mailfence with onion-based solutions: Mailfence encourage users to use Tor browser or Clearnet or I2P or any other onion-based solution to achieve better anonymity. Of course, using a VPN is a plus, on condition if you trust a single entity with all your internet traffic.
- Support of Crypto-currencies: Mailfence support Bitcoins, Litecoins and Ethereum. We also plan to extend our support for other currencies as well.
- Pseudonymous porting and de-porting of data: This can be done using a display name of any sort while connecting through onion-based services, and paying via crypto-currencies. You can then easily port -(import) and share your data e.g., using direct access (public) link while keeping your identity intact. You can always de-port (export) all your data if you want as well. Thanks to our support of open standard protocols e.g., SMTP/IMAP/POP3, WebDAV, CardDAV, CalDAV, OpenPGP, etc which has made it all possible. We don’t restrict or lock users in our application eco-system.
Mailfence and user data security
User data security is always our foremost concern and we take it very seriously. Following are some of the aspects that we would like to highlight here.
- Two-factor authentication (TFA): Your account security is very important to us, and that’s why we have always encouraged users to protect their accounts using TFA. If someone gets hold of your password (e.g., via phishing) your account will still remain safe. However, make sure you generated and stored securely the backup recovery codes (in case you lose access to your TOTP app).
- Spam protection: We have several conventional and in-house spam preventive measures in place to protect your account from unsafe emails. We also plan to release a dedicated white and black-listing feature that will further empower users to retain control over unwanted emails.
- Malware detection: We have dedicated measures to protect your emails (+ attachments), documents and various other import points from malwares and other harmful content.
- Other measures: Various other security measures are in place as well, e.g., mandating all connections to our servers via Transport Layer Security (SSL/TLS) encryption, both for web services (+ PFS, HSTS) and IMAP/POP/SMTP email client, etc.
Achieving a sound level of online security, privacy and anonymity is more like a spectrum and looks different depending on your goals and activities. The purpose of this blogpost is to help you distinguish between data security, privacy and anonymity so you can use Mailfence with peace of mind, given your threat model. See our threat model to have a better idea on what Mailfence can and cannot protect you from.