Skiff Mail is a new end-to-end encrypted email service, but should you use it?
Skiff Mail has been launched to the public, it is a new end-to-end encrypted email service provider. The company says that it focuses on protecting the privacy of its users.
The service is Web3 native, you can visit this page to sign up for a free personal account.
The following information has also changed in the meantime or has been corrected:
- The pricing page does not reveal storage quotas anymore for the Free account. The homepage states that free users get 10 gigabytes of space.
- Skiff uses the open source analytics tool Matomo, which aggregates and anonymizes data. The data is not tied to user accounts and Matomo is not used in the actual app, according to Skiff.
- Skiff states that it is not tracking clicked links, interacted content or how active users are.
- Do not track is not used because there is no user tracking, according to Skiff.
- User information can not only be deleted by reaching out to Skiff Mail via email.
- Skiff says that it does not collect general location information, approximate location information based on IP addresses.
- Skiff says that it is not disclosing user information to third-parties.
- Skiff uses not third-party services, according to the company.
Though Skiff Mail's blog post says that users get 10GB of free cloud storage space for signing up for a personal account, the Pricing page which you can access from the settings shows that you only have 1GB of space. Email isn't the only thing that Skiff can do, you can save notes in Markdown format, code blocks, edit and create documents too. You can opt in to store your data on a decentralized server, add email aliases, import documents from Google Drive or directly upload them from your computer. Users have an upload cap of 30MB. One of the features that are highlighted in the announcement post, is Skiff's instant search, which can look up results in thousands of files instantly.
The data associated with your account is synchronized across your devices. Skiff's apps are open source, you can access the web app from your browser, or install the mobile app on your iOS or Android device, or the Desktop app on your macOS machine.
While signing up for an account, Skiff Mail will prompt you to save a one-time use recovery key, that you can use to unlock your account if you forget your password. If you lose it, you can't access the account, because of the encryption that the service uses. You may enable 2FA (two-factor authentication) from the settings, to protect your account. New users can sign up for an account using their MetaMask Wallet, and the company says it will soon support Brave Wallet.
Skiff Mail has paid plans that you can upgrade to, for more benefits.
Should you use Skiff Mail?
Scroll down to the section titled Automatic Data Collection, and you'll see that Skiff Mail's website collects the following information from the user.
- IP Address
- Mac Address
- Cookie Identifiers
- Mobile Carrier (Cell Phone Provider)
- User Settings
- Browser or Device Information
Collecting the user's settings is perhaps acceptable as are the browser and device info, they are probably related to the cookies stored in the browser, and maybe for compatibility. In addition to the above personal data, Skiff Mail also collects the general location information and approximate location based on your IP address.
Though there is a delete account button in the settings, the only way to delete your user information, is to reach out to Skiff Mail via email. And then there are some third-party tools that are used by the company for analytical purposes, and these have their own privacy policies.
The only thing that Skiff can't access seems to be the contents of your mails, because they are encrypted. But, what good is end-to-end encryption, if a service collects so much data from the user and tracks them? It learns your browsing habits, which is essentially profiling the user. This isn't different from what Facebook and Google do, is it?