Email Privacy and Encryption

by | Continuing Education

How private is your email?  These days, if we are talking about the email you send and receive though the place you work, the mail belongs to your employer and therefore not private.  If we are talking about you sending email to your friend on your personal account, it is considered private correspondence.  Waters get muddied when you send business correspondence, or conduct business through your personal account.  Best practice is always to keep personal email on your personal account and work/business only on your work account.  Your personal email stays personal that way.

So, how does Google and other email services know to send you ads about what you’ve written to someone if it is private?  Simply put, they ‘read’ your email.  Each email that is sent or received is analyzed for content, spam and malware.  While they are making sure your email is safe and free from viruses they also tailor ads to the content that is machine ‘read’.  Since it is software doing the analysis, it is still deemed as being private correspondence.

While the thought of a machine reading your email receipt from DSW and tempting you with ads for pretty new shoes (maybe that’s just me) might be a little creepy, it is generally harmless.  What isn’t harmless is sending private information in an unsecured or unencrypted email.  What is considered private information?  Generally any data that is personally identifiable is considered private.  Data that would fall under this category are full names, addresses, SS#, passport information, vehicle plate or registration, credit card numbers, DOB, birthplace, medical info, telephone numbers… the list goes on.  Any data that when used to distinguish you from another person is considered private info, or personally identifying information and what you want to protect if you are sending it in an email.

The best way to protect private or personally identifiable data is to encrypt it.  End to end encryption is typical for mail encryption and the idea behind it is that only the communicating parties have the keys to decrypt the messages.  If the mail was intercepted, it could not by read by anyone else.

While the need to encrypt messages is not a need for everyone, those of you who handle HR, some types of billing, any medical info, and any other personally identifying info that isn’t public record should be encrypting your emails.  If you’d like to know more about mail encryption, let us know.