I suggest you ...

Encrypt all metadata

Scryptmail has implemented this feature. This means that they don't keep unencrypted copies of the titles of the messages, or the e-mail adresses of the people you correspond with.

Considering this service doesn't support POP3 or IMAP, why not implement this as well? I don't think a service which could hand over a list of everyone you correspond with to the authorities is really keen on privacy.

42 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Olivier shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    planned  ·  AdminTutanota Support (Admin, Tutanota) responded  · 

    We plan to hide the metadata. We already encrypt the subject and strip ip addresses from emails. However the email address itself can’t be easily hidden as it is needed to deliver the mail.

    4 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        “We kill people based on metadata.”
        - Michael Hayden, former NSA and CIA director

      • Anonymous commented  ·   ·  Flag as inappropriate

        Dear Tutanota Team

        If this is 'Planned' work could you add it to your advertised Development Roadmap please?

        Currently the To Name, From Name and Date/Time are NOT encrypted on the Tutanota service. This is a significant issue.

        My expectation is that the following are encrypted or stripped by default:

        To Name
        From Name
        Date and Time
        Email Subject heading
        Email body/content/attachments
        All IP Addresses

        It is well documented that the metadata is as important to surveillance agents as the email body/content. If your mission is End-to-End encrypted communication then the above must be a priority in your development roadmap. Other encrypted email services offer this so it must be technically possible.

      • Anonymous commented  ·   ·  Flag as inappropriate

        The metadata can be encrypted provided it remains within Tutanota (sender and receiver). So that's the starting point. The question of non Tuanota is another story. I appreciate the difficulties this presents but if you could. :) :) :).

      Feedback and Knowledge Base