{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifllablfj27xsmnroajzzuwwz2n5y42lvkrb4pjrvijjnuwzxnkqe",
    "uri": "at://did:plc:wqr6krumizcq6wiwqmn7t6wu/app.bsky.feed.post/3mehkzan3w5g2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreigvvzp47uupek2yhbi4nzx6t4gl347aedsduhhq36gqe6iaijshhm"
    },
    "mimeType": "image/webp",
    "size": 270308
  },
  "path": "/email-and-encryption/",
  "publishedAt": "2026-04-25T23:14:29.725Z",
  "site": "https://yowalsh.com",
  "tags": [
    "Proton Mail",
    "Tuta Mail",
    "Proton Docs",
    "Tuta Blog",
    "Google Workspace Updates)"
  ],
  "textContent": "**Encryption is a hot tech buzzword in 2025. But what is it, why is it important for your email, and what do the top players offer over those email companies that serve \"everyone\"?**\n\n### Table of Contents\n\n  * Whaaaaaaaat ....Is Encryption?\n  * Which End Is End-To-End?\n  * What About Gmail?\n  * Why Proton / Tuta Then?\n\n\n\n### Whaaaaaaaat ....Is Encryption?\n\nImagine you want to send a secret note to your friend. With Gmail or Outlook, you usually hand the note to Google or Microsoft first. They put it in an envelope, deliver it, but they keep a copy of the key so they can still peek inside if they want. They say they’re just “helping” — for spam detection or smart features — but the point is, they control the lock.\n\n_(or, if you prefer, imagine you have nowhere to undress, and the other person in the room promises to not peek.... but then peeks, just to make sure you are healthy under the clothes you're wearing)_\n\nProton Mail and Tuta Mail work differently. Here’s the metaphor:\n\n  * **Locking the Safe on Your Side:**\nWhen you write a message, your phone or computer puts it into a safe **right on the device you are using**. Before it ever leaves your hands, the safe is locked shut.\n\n  * **Sending the Safe, Not the Note:**\nProton or Tuta’s servers only store or deliver that locked safe. They never see the note inside. To them, it just looks like a jumble of random letters and numbers — total nonsense.\n\n  * **Only Your Friend Has the Key:**\nThe person you’re writing to has the matching key. When they open their Proton or Tuta account, their device unlocks the safe and shows the real message.\n\n\n\n\n### Which End Is End-To-End?\n\nOk, so now that is clear, right? But there's different types of encryption. Maybe you've even overheard people talking about end-to-end encryption at the local coffee shop or supermarket, right? :)\n\nThis is what people mean by **end-to-end encryption (E2EE):**\n\n  * The lock (encryption) happens on your device.\n\n  * The safe travels locked through the internet.\n\n  * Only the right recipient’s device can unlock it.\n\n\n\n\nProton calls this a **zero-access design** :\n\n> “All messages in Proton Mail are encrypted on the client side using open source cryptographic libraries before they reach our servers. We do not have access to your messages.” (Proton Docs)\n\nTuta says more or less the same:\n\n> “All data is encrypted directly on your device before being transferred to our servers. We have no access to your private keys.” (Tuta Blog)\n\n### What About Gmail?\n\nFor most people, Gmail works differently:\n\n  * **Default Gmail:** Google controls the keys. While they say they stopped scanning email content for ads in 2017, Gmail still scans messages automatically for “smart features” like spam filtering, reminders, and autocomplete - _\"Trust me, my eyes are closed\"_\n\n  * **To Be Fair News (September 2025):** Some Google Workspace users now have access to _client-side encryption_. This means those accounts can send and receive messages that are encrypted on the device before reaching Google’s servers _(Google Workspace Updates)_\n  * **Limits:** Client-side encryption in Gmail is **not available to free Gmail users**. Most people on Gmail still rely on Google holding the keys.\n\n\n\n* * *\n\n### Why Proton / Tuta Then?\n\nIt's all really confusing and technical (even to someone who is immersed in tech). Many on the internet will argue their last breath away to convince you why their favorite company is the best, or why this is not important at all (if you are reading Reddit, you've been warned).\n\nBottom line to understand is this:\n\n  * **Proton and Tuta** : End-to-end encryption is **standard for everyone** — even free users. The companies literally do not have your keys, so they cannot read your messages. Free as in beer. You can sign up for one (or both) and kick the tires around.\n\n  * **Gmail** : Encryption is mostly server-side. Only a limited group of Workspace accounts can use client-side encryption, while billions of free Gmail users still depend on Google’s systems having access.\n\n\n\n\nSo if we go back to the metaphor:\n\n  * **Gmail:** Like giving your diary to a friend (or stranger) who promises not to peek… but still holds the master key.\n\n  * **Proton and Tuta:** Like writing in an unbreakable diary where only you and your friend have the key. Even the company storing the diary can’t open it.\n\n\n\n\nThis is how Proton and Tuta are different: they made privacy the default, not a premium extra. And fair disclosure: I use Proton. I would recommend either of them to be honest. And if you can't decide, consider this:\n\nAre you coming from Google's ecosystem and like all the different services they offer? **Go Proton**\n\nAre you a Linux user looking mainly for email? **Go Tuta**\n\nJust looking for email? **Either works**",
  "title": "Email & Encryption",
  "updatedAt": "2025-10-02T00:19:00.000Z"
}