PRIVACY ORIENTED | From the age of BIG BROTHER – greetings!

The world is in dire need of a free, anonymous, encrypted webmail provider that does not have anti-privacy insecurity or other major problems. There are currently a few outfits on the net that seem to attempt to fill this gap, but they all fall short. The biggest ones are listed here, along with why they’re inadequate.

Hushmail.com
Hosting: Canada
Incorporation: Canada
The Problem: Hushmail’s webmail is not secure at all and Hushmail has a history of giving up information to foreign governments persuant to Mutual Legal Assistance Treaties. Also the webmail requires Javascript and cookies. NSA access allegations (which they deny). Three weeks of not signing in and they hold your account for ransom.

Safe-Mail.net
Hosting: Israel
Incorporation: Israel
The Problem: Israel. Israel’s government, that is. That and Safe-Mail’s privacy policy is laughable. NSA access allegations (which they deny).  See my previous blog post for more on Safe-mail. Requires javascript upon initial signin.

AnonymousSpeech.com
Hosting: Malaysia
Incorporation: Switerland
The Problem: You only get 14 days before your free account needs to be paid for or it is deactivated. An e-mail address here, such as john.smith@anonymousspeech.com, is not good for using for every day business. People will wonder why you need such an anonymous account and think you must have something illegal going on! Also requires javascript.

MailVault.com
Hosting: Germany
Incorporation: Unknown, maybe none
The Problem: Hosting is down every once in a while, or logging in gives an error with an unknown cause quite often. The SSL certificate is usually long expired. The webmail app can be buggy. Also, early on there were allegations from a credible source of MailVault employees reading client’s confidential e-mails. MailVault is also run by MetroPipe, which has bad reviews (scroogle “metropipe”+”scam”). The story of MailVault’s creation is interesting as well. In none of what I just wrote am I referring to what Privacy.li has written about MailVault/Metropipe. Mailvault management doesn’t respond to client or potential client e-mails, and I can only hope that that is the case when a government agency e-mails them.

Cyber-Rights.net
Hosting: Canada
Incorporation: UK
The Problem: All the same ones as Hushmail, because they piggyback off of hushmail, but it’s even worse beause they’re in the UK.

S-Mail.com
Hosting: Russia
Incorporation: Ireland
The Problem: Requires java, javascript & cookies. I don’t know about much else with S-Mail.

I’m going to be asking the above e-mail providers about their privacy practices sometime in the future. Stay tuned for the results. I’m sure it will give us new reasons to fear most of them.

What the world needs is a webmail provider with the following:

1. free accounts for an unlimited time (could be limited in size to some amount within reason)
2. offshore incorporation (most important is that they’re not in: US, UK, EU, Israel or Canada)
3. offshore servers (most important is that they’re not in: US, UK, EU, Israel or Canada. Good places might be: Panama, Hong Kong, Malaysia, Switzerland, Bahamas, Andorra, Etc.)
4. PGP encryption built in
5. does not transmit user IP addresses with e-mails
6. does not require cookies, java, flash, javascript, active x or any other scripts.
7. preferably no logs
8. no storing of your encryption keys, if possible, so the provider can’t read your encrypted e-mail
9. pseudoanonymous way to pay for upgraded service (cash by mail, money orders, e-currencies, Western Union, MoneyGram, etc.)

Any offshore e-mail providers I’m missing? Post a comment and I might add that service.