I believe that the best option is to be aware that everything that you're sending is systematically scanned by machine learning algorithms, stored and sent to whichever has the money/ power to convince your email provider. This applies to gmail or any other company. If your corncern is that your mail are only read by the person you intend to, you could perfectly use gmail with gpg and be sure enough that your messages won't be read until the advent of quantum computing. Protonmail is doing this basically from a webmail, so you don't have to worry about managing your keys, *only* trust that they encrypt well your private key. But if your level of tinfoil hat-edness is high enough you probably shouldn't be using email at all, but other protocols with perfect forward secrecy, and mechanisms that you can make sure that the messages you send can be securely erased. In an increase of paranoia, Whatsapp/Signal/Jabber+OTR+Tor are good choices. All these options use a client-server model in which you have to "somehow" that they don't leak the metadata to national agencies or such, even though they are not able to obtain the plain texts of your messages in a foreseeable future. You could run your own Jabber server, get a certificate, and route the messages through tor yourself, but it obviously takes time. Pond, which has been discussed many times in this list, is the closest you can get to email, without being email. Difficult to categorize but worth looking are Bitmessage, which is "like" mail, but uses bitcoin's blockchain protocol, and Ricochet, which send messages by running hidden services. It does not provide encryption beyond the transport layer provided by tor. Then, it comes the turn of serverless systems that are somewhat less known. Your messages get to their destination in a similar fashion that you get files through torrent. There are promising projects such as Tox which isn't a messaging app in itself, but a protocol (famous clients exist such as qTox or uTox), Retroshare, Ring (found by one of the creators of Skype) etc. At the end it depends mainly on your needs, and how nuts you are. Hope this helps. John Newman:
Do any gmail users (which I've noticed there a lot of on the list, as well as in real life, heh) feel at all threatened by what Google is doing with access to your entire mail stream? They've publicly stated users have no "reasonable expectation of privacy".
Do you use gmail for your main / private / important emails, in addition to list correspondence?
Or do you consider the internet so pwned that it doesnt matter? (although, why make it easier for them..)
I'm just curious... I started getting squeamish about it myself a good few years back, before snowden, just because it seems like an obviously bad idea to house all my correspondence at the HQ of one of the biggest corporations in the world, for them to play with, mine, and cross-index for targeted advertising as they see fit..
Setting up your own mail server (postfix+spamassasin+...clamav+..whatever) isn't really that hard, although you gotta pay a hosting fee, depending on how you decide to do it. And I guess there are other alternatives to gmail that are much better in this area, although I'm still inclined to use my own thing..