Summary: The PRIVA SCORE evaluates the data protection features of email providers. Protonmail, Tuta, Posteo and Mailbox.org achieve the highest scores and offer strong data protection measures such as end-to-end encryption and no data sharing with third parties. Providers such as Outlook, iCloud, GMX/Web.de and T-Online offer GDPR compliance, but some data is passed on to third parties. Gmail and Yahoo rank last and should be avoided.
Update 29.10.2024: By popular demand, Mailbox.org has been added. Welcome to the club of trusted services!
Update 07.11.2024: Thanks to the Mailbox.org team for getting in touch! Anonymous registration is also possible at Mailbox.org. The service is not completely open source, but is now also rated yellow due to its use of open protocols.
Because of the way it is calculated, the PRIVA SCORE can reach a maximum of 294 points when evaluating email providers.
As always, the PRIVA SCORE evaluates how well apps and services fulfill data protection features.
Among the email providers evaluated, Protonmail, Tuta, Posteo and Mailbox.org perform best. They have the highest data protection level (294, 294, 282 and 274 out of a possible 294 points) of the apps compared here. They store and offer end-to-end encryption, do not pass data on to third parties, have their servers located in the EU, and have a clean business model that is not based on the sale of your data. Posteo, in contrast to Protonmail and Tuta, is not open source. Mailbox.org partly uses open protocols and can be used anonymously, while Proton, Tuta and Posteo make this possible as well.
The midfield (Outlook, iCloud, GMX/Web.de and T-Online) is characterized by compliance with the GDPR and, in the case of the German providers, by the use of German servers. However, since some data still flows out to third parties, which is also reflected in the business model, this is not a recommendation.
In keeping with tradition, Google's Gmail, this time together with Yahoo, has secured last place. Here, only the partial use of European servers could still be taken into account. Avoid at all costs!!
Explanation of data protection features
End-to-end encryption: This feature ensures that only the sender and recipient can read the contents of the emails. It is crucial to ensure the confidentiality of communications and protect against unauthorized access.
No data transfer to third parties: Email providers should not share personal data with third parties without the user's explicit consent. This is important to protect user privacy and prevent misuse of data.
Anonymity: Some providers offer the possibility to create email accounts without providing personal data, which increases the anonymity of users.
Compliance with data protection laws: This privacy feature refers to how well a provider complies with applicable data protection laws and regulations to ensure the privacy and protection of its users' personal data. For European users, this applies to GDPR compliance.
Server location: This refers to the physical location of the servers on which a service's data is stored and processed. This aspect is important because data protection laws and regulations vary from country to country.
Business model: The business model data protection feature refers to how a company monetizes its services or products and what impact this has on user data protection. For example, data-based monetization relies on the collection and use of user data to generate revenue - for example through personalized advertising. This usually compromises user privacy because extensive data analysis and storage is necessary.
Open-Source: If the source code of an app is openly accessible, this means that the program's compliance with data protection standards can be independently verified.