Our operating costs are much higher than run-of-the-mill hostings due to the nature of our services, the redundancy of our infrastructure and the quality of our personnel. Just the strength of our SSL certificate causes 500% to 1700% more computational load than regular email services (see why here). The jurisdictions where we harbor your data are also among the most expensive in the world.
ETHICmail® is the only email privacy service expressly designed under the guidance of specialized attorneys to legally protect your confidentiality against communication interceptions at the datacenter level, exactly where all your messages are stored. ETHICmail® is an international registered trademark for confidential email and legal services in the United States of America and the European Union including Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the United Kingdom.
Yes, all your emails are kept confidentially and their content is never accessed except for the automated email security scanning we perform to protect you from viruses, trojans and other exploits. It is explicitely forbidden to all our IT personnel to access any email content, and all our contracts enforce strict confidentiality clauses.
Contrary to the mainstream email hosting industry (and more particularly the businesses offering so called "free" email accounts) where email scanning often includes content extraction or content analysis done for marketing purposes, ETHICmail® considers that the content of emails deserves outmost privacy and all our policies are designed to uphold this privacy by all available legal and technical means.
For this reason, ETHICmail's email server accept the reception and sending of messages including encrypted and encrypted+compressed attachments without any problems, what is not the case with many mainstream email providers.
The technical operation of our packages is similar to other regular email hostings. Through your administration control panel you set up your various email accounts. The email accounts can then be accessed through a separate interface.You enjoy two levels of control: the Administration Control Panel for your administrator, and the individual Email Control Panels for each of the users of your email accounts. Please consult our KNOWLEDGEBASE for more detailed technical informations.
When you subscribe, as customer, you receive the set of credentials required to access your client area in our support & billing system, and as administrator, you receive the access credentials required to access your administration control panel where you can set up the individual email accounts. Please consult our KNOWLEDGEBASE for more detailed technical informations.
In your Administration Control Panel you simply create the email accounts you wish to assign, and later on give your correspondents the credentials you previously set up for each separate account (the users you assigned these email accounts can freely change their passwords, and access each their own individual instance of Email Control Panels, webmail applications and SecureStorage™).When messaging by webmail with these correspondents (and vice-versa), the content of the emails reaches directly our servers while being protected by our secure SSL connections, and are delivered internally in the ETHICmail® cloud.This is the simplest method ensuring that the messages will not be compromised by transiting unencrypted through a plethora of external networks, routers and servers of unknown integrity. Please consult our KNOWLEDGEBASE for more detailed technical informations.
Server-side encryption is often considered not secure because under most jurisdictions, authorities can oblige the provider to intercept the user key and decrypt the stored material.It is precisely for this reason that we spent years investigating the best jurisdictions to harbor your sensitive data. We operate under laws severely restricting the recourse to interception warrants, and where the few individuals submitted to these warrants are notified of the fact at the end of the investigation.
Customers preferring to rely on client-side encryption can do so at any time because the ETHICmail service does not interfere with the original content of messages.
Privacy cannot be solved by technology alone. Those who advocate pure client-side encryption focus exclusively on technology and forget to address two fundamental issues:
Yes, absolutely. Please consult our KNOWLEDGEBASE for more detailed technical informations.
Yes. At any time, through your Administration Control Panel, you can delete and create email accounts, or change the password of an existing email account if you wish to reassign a given email account to another correspondent. Please consult our KNOWLEDGEBASE for more detailed technical informations.
Actually, technical support services are provided in english, french and spanish. Legal information services are provided in english only, but might be translated under request. Please consult our KNOWLEDGEBASE for more detailed technical informations.
The SSL connections which trigger your browser to display the current internet address in green characters or over a green background require so called SSL EV (Enhanced Verification) certificates.
If you check our SSL certificate, you will discover that it is valid for all our ETHICmail® domains at once.
We decided to secure our domains under a single SSL certificate because this provides for easier monitoring, both for us and our customers (as client, you can for example use free products like Certificate Patrol to control SSL certificates).
We decided to trust StartCom as our CA (Certificate Authority) for its ability to support 4096bit SSL certificates, which is not a common practice in the industry. In turn, StartCom does not support EV certificates securing various domains simultaneously, which is the reason why we don't use an EV certificate.
No technology is infallible, but this doesn't mean that a satisfactory level of security can't be achieved. It might seem surprising, but the quality of ETHICmail's SSL connections is better than the SSL connections offered by the majority of online banking systems. We invite potential customers to use the free SSL Server Test tool from Qualys to compare their own online banking connection with ETHICmail®.
Connections to our web pages mitigate MITM (Man-In-The-Middle) attacks based on Moxie Marlinspike famed sslstrip tool because our servers implement HSTS (HTTP Strict Transport Security) by default.
ETHICmail® also implements SSL connections using Diffie-Helmann Ephemeral keys preventing an attacker to decrypt intercepted and recorded content of our SSL connections even in case our private SSL key would fall in the wrong hands.Finally, we use a paranoid key size of 4096bit for our SSL certificates, which should provide us quite some privacy even in the very improbable case the NSA succeeds in creating a quantum computer with enough Qubits to run Shor's algorithm.
We believe that our system is secure, but cannot achieve 100% invulnerability. Any provider claiming absolute hosting security would be making false pretenses.
For this reason we take outstanding care about the strength of the SSL connections we provide to our customers, we limit confidentiality violations by always storing your data outside your country of residence hence preventing direct abusive access from your authorities, and exclusively harbor your data in carefully selected jurisdictions respecting digital rights privacy.
However, there is little we can do to sanitize the local computing environment our clients routinely use to access our services. A simple keylogger on a client's computer could catch a critical password, reason why the computers used by our customers are one of our main concerns. It is therefore essential that customers and users actively participate in the global security effort by ensuring the integrity of their own hardware and software through all appropriate means. Please consult our KNOWLEDGEBASE for more detailed technical informations.
We would love to, but unfortunately we cannot protect your communications against targeted attacks by signal intelligence agencies.ETHICmail relies on technical and legal instruments unable to compete against entities which do not respect the law, benefit from unlimited technical, financial and human resources, and covertly operate under the protection of their government.We shield your privacy against corporate or financial espionage, hacking, data theft, malicious individual acts, and possible abuses of law enforcement agencies.We hope that ETHICmail's best practices interfere with covert mass data siphoning programs, but if for whatever reason you represent a particular interest for an intelligence agency, then there is little you can do to protect your privacy given the disparity of means at disposal.
No, none whatsoever. Please do not write or call us asking if a particular motive X or Y could be object of an interception warrant we could not challenge. The ten classes we do not challenge beyond an extensive control of compliance to all laws and regulations are, explicitely and exhaustively:terrorism, pedophilia, kidnapping, counterfeiting, illegal immigration, extorsion/blackmailing, traffic of prohibited substances, homicides/loss of human life, traffic of weapons/ammunitions and IP infringments. Any motive not falling within at least one of these classes will be successfully challenged by our attorneys. If a future modification of the legal environments where we harbor our customer's data were to affect the level of privacy we actually provide to our clients, be assured that we would find equivalent alternatives or inform all our clients in detail relative to a new legal privacy framework.
Data seizure warrants access the stored data belonging to a given customer between two points in time. Such warrants are not authorized to access any kind of data flowing in real-time (like emails and their attachments, passwords and private encryption keys) .Interception warrants can access data flowing in real-time from the starting date of such warrants, but are not authorized to access data stored before said starting date. Our attorneys successfully challenge all interception warrants which do not belong to the classes prominently displayed on our site.
Customers receiving an injunction for collaboration by an inquiring agency may take the unilateral initiative to ask us for advice, in which case ETHICmail® refers them to external specialized lawyers able to assess on a case-by-case basis (according to the jurisdiction where the data is stored and the jurisdiction the customer is submitted to) if the inquiring agency is legally authorized to issue such a request, and if the customer is exposed to retaliatory action in case of collaboration refusal. In these cases, customers bear integrally the costs related to these independent and direct relationships with external lawyers, and ETHICmail plays no role beyond the free delivery of the contact information of these competent lawyers.
ETHICmail's legal compliance in case of lawful data access is strictly limited to the jurisdictions where we store our customer's data. Attempts by third-parties to access data harbored by ETHICmail® without respecting proper international judicial assistance channels and procedures is considered characterized hacking. In such cases, ETHICmail® reserves the right to seek punitive action and initiate judicial proceedings against the offending entity or person to the full extent of all applicable local and international laws.
If you received such notification, it means that the Service we provide you has been the target of one of the few lawful interception warrants our attorneys do not challenge beyond the examination of strict procedural and legal compliance to all applicable laws and regulations.
This type of interception warrant falls obligatorily within one of the following classes: terrorism, pedophilia, kidnapping, counterfeiting, illegal immigration, extorsion/blackmailing, traffic of prohibited substances, homicides/loss of human life, traffic of weapons/ammunitions and IP infringments.
This interception warrant probably originates from an agency belonging to the jurisdiction you are submitted to. If you included the Assistance Membership extension, please follow the preliminary instructions provided in our KNOWLEDGEBASE.
If you unfortunately did not include this extension, you still have the possibility to purchase the Regular Interception Information service to find out the exact reasons, scope, start and termination dates of this warrant. No matter the jurisdiction you are submitted to, knowing the details of such interception warrant might be vital for further legal defense of your interests.
No, we don't perform retention. The only form of indirect retention could be related to the data backups we perform daily over a weekly period. Therefore, every message you delete from your mailboxes disappears completely after one week. If you wish your deletions to take effect immediately and permanently, we must manually disable automated backups for all data managed under your package.Please note that disabling the automated backups will affect all email accounts created under your package, and will cause immediate and permanent erasure of any email deletion performed by your users.
Our policy about SPAM is crystal clear: ZERO tolerance. If we detect an user sending SPAM, we notify a single warning. If the user persists, we cancel the related account.
Our infrastructure is clustered in strategic locations like Switzerland, Cyprus, Japan and Gibraltar. The design, development, operation and distribution is exclusively performed by Massive Logics Ltd.
We check each order manually on a case-by-case basis in order to set up your services on our most appropriate datacenter outside your country of residence, and to prevent fraudulent transactions. After reception of your payment to ETHICmail®, we usually send your access credentials and the relevant information within the next 24 hours.