Email, the Cloud and Privacy



Email

When you send an email, as when you send a letter through the postal system, you are relying on the operator of the system to deliver your email or letter to the recipient you specify and not to anyone else. The operator of a postal system must have a licence and is subject to regulation. With email the situation is more complex because a number of different Internet Service Providers (ISPs) will be involved.

Access provider ISPs provide Internet access, connecting users to their network by telephone wires, fibre-optic cable, or using 4G mobile data.

Hosting ISPs may provide services such as web-hosting (e.g. Google Sites), and cloud storage services (e.g. Google Drive) as well as email servers to send, receive, accept, and store email (e.g. Gmail). Many hosting ISPs are also access providers (e.g. BT) while others are not (e.g. Google). Some large organisations such as universities and large businesses provide their own hosting ISP.

Transit ISPs provide large amounts of bandwidth for connecting hosting ISPs and access ISPs. Just as their customers pay them for Internet access, ISPs themselves pay upstream ISPs for Internet access. An upstream ISP usually has a larger network than the contracting ISP or is able to provide the contracting ISP with access to parts of the Internet the contracting ISP by itself has no access to. In the simplest case, a single connection is established to an upstream ISP and is used to transmit data to or from areas of the Internet beyond the home network; this mode of interconnection is often cascaded multiple times until reaching a tier 1 carrier. In reality, the situation is often more complex. ISPs may have separate connections to an upstream ISP at multiple points or they may be customers of multiple upstream ISPs and may have one or more connections to each of them. 

Letters sent via a UK postal provider from one UK address to another UK address will never leave the UK. A letter from York to Canterbury might be routed via London but would never be routed via Paris. It is different with email: if you and the person you are sending an email to are both using computers or other devices in the UK, and you both use mailboxes provided by hosting ISPs in the UK, then the route taken by your email will probably be wholly within the UK, but even this is not guaranteed. The internet is a network of connections and the routing of traffic can vary. If there is a fault on one connection, traffic will automatically be diverted. Traffic can also be rerouted over under-utilised connections as part of load balancing. This can result in UK to UK traffic being "tromboned", so that an email from a Birmingham mailbox provider to a London mailbox provider might be routed via Paris. If either mailbox provider is actually in another country - e.g. Gmail in the U.S.A. - then the email's route will, of course, always include that country, and possibly others, in addition to the UK.

The fact that multiple ISPs are involved in virtually every email transmission increases the risk that one ISP, out of all those involved, might not respect your privacy. The matter is further complicated if the ISPs are in different countries, because data protection laws vary from country to country, providing more or less or, at least, different legal protection. Nevertheless most people with ordinary legal cases (cases not involving trade secrets, for example) consider the risk of using email to be an acceptable risk, particularly if the mailbox provider itself (where copies of emails sent and received are permanently stored) is not outside the UK jurisdiction.

Cloud Storage

The question of differing legal protection in different countries also applies, of course, to data stored with cloud storage providers such as Google Drive which store data outside the UK. For additional security a zero knowledge encryption system can be used. The idea of zero knowledge encryption is that data is encrypted on your own device before it is uploaded to Google Drive or another cloud storage provider. Provided the encryption is good enough to be unbreakable - or as near to unbreakable as is possible - and the private encryption key itself is not stored in the cloud storage, it does not matter if some unauthorised person is able to see the data in cloud storage, because all they will see is a meaningless collection of characters.

When using a zero knowledge encryption system you cannot use the document browsing facilities of the cloud storage system itself (because if you did, all you would see is meaningless characters), so you are reliant on the document browsing facilities provided by, or facilitated by, the encryption system. It may be the case that the encryption facility's browser is as good as the cloud storage provider's browser - or it may not. If you take the document browser provided by Google Drive, for example, it allows you to open a PDF, page up and down through the document, and then swipe right or left to get to the next or the previous document in the folder. You can also rename the PDF without leaving that view screen. Since the name that you give to a PDF copy of a document is normally based on information you are displaying (such as the date, sender and addressee in the case of a letter), being able to continue to display the PDF as you are typing in the new name is a great advantage. I am not aware of any encryption system providers that offer such a useful and time-saving document browser as Google Drive's browser (if any encryption system provider reading this does provide this facility, please let me know!). So in this case using encryption would make the system more difficult to use - not because of the encryption itself but simply because of the more limited browser facilities which happen to be made available by encryption providers.

Most people with ordinary legal cases (cases not involving trade secrets, for example) consider the risk of using Google Drive (without encryption) as a convenient way of providing evidential documents - such as past letters and contracts - to a barrister for initial legal advice to be an acceptable risk, especially as, if litigation subsequently ensues, many of those documents (but not, of course, the advice from the barrister itself) will probably be disclosable anyway at some point in the litigation.


Web-based PDF services

There are a number of websites which provide services in relation to PDFs, such as creating PDF copies of documents originally in another format, rotating PDF pages, and changing PDF page sizes. If you use such services then, of course, your data will be transmitted to the servers of those service providers in whatever country they are located. Some of these service providers also offer a desktop alternative so that you can instead download a program and use that program on your own computer to carry out the functions without having to transmit your data to the service provider.


File Transfer services

The size (in MB) of files which can easily be sent as email attachments is limited so, for large files, file transfer services are often used. When using a file transfer service you upload the files to the service and then an email is sent to the intended recipient. The email does not contain the files as attachments but simply contains a download link which, when the recipient clicks on it, will download the files from the servers, in whatever country they are located, where the file transfer service has temporarily stored them. Most file transfer services allow you to upload files using their website or using an app which you can install on your computer, but even if you use an app the data is, of course, still stored temporarily on the servers in whatever country they are located, and the data, while being uploaded or downloaded, may be routed through ISPs in other countries.


This page was last updated in May 2019.