Summary: The PRIVA SCORE evaluates the data protection functions of email clients (programs for receiving, processing and sending emails). Thunderbird/Betterbird, eM Client, Postbox, FairEmail, K9 Mail and Tuta achieve the highest scores. They offer strong Data protection features How End-to-end encryption, are Open-Source and Privacy by Default. Gmail and Yahoo rank last and should be avoided.
preliminary remarks:
1) Thunderbird and Betterbird are very similar and perform identically in terms of data protection, as Betterbird is a “Fork“ from Thunderbird. Betterbird is still mentioned because – as the name suggests – some functions are implemented better than in Thunderbird.
2) K9 Mail is currently only available for mobile use and will also be called Thunderbird in the near future. The development teams of the two programs have joined forces, so Thunderbird soon available on both desktop and mobile can be used.
3) The most important privacy feature of many apps/services that End-to-end encryption (E2E), is a special topic for email clients, as clients also use another encryption principle called PGP ("Pretty Good Privacy") can be used. While both methods offer a high level of security, PGP tends to be more complex to use and requires more manual setup and administration by users. This can be a problem for the average user.
All clients that have E2E can also be used with PGP. The only difference is TutaE2E is available here, but PGP is not integrated. Nevertheless, Tuta gets full marks – because E2E meets the simple requirement of a high level of data protection for the PRIVA SCORE target group.
The PRIVA SCORE can receive a maximum of 294 points due to the calculation when evaluating email clients. As always, the PRIVA SCORE evaluates how well apps/services Data protection features fulfill.
When evaluating email clients cutting Thunderbird/Betterbird, eM Client, Postbox, FairEmail, K9 Mail and Tuta is the best. They have the highest level of data protection (between 212 and 294 out of a possible 294 points) of the apps compared here. They offer End-to-end encryption and PGP (except Tuta – see above), Do not log usage data and offer Privacy by Default. Only the latter function offers postbox not.
The midfield (Apple Mail, Outlook, Mailbird and Canary Mail) are not Open-Source, do not offer anonymous registration and record at least partially the usage data.
In keeping with tradition, Google has Gmail, this time together with Yahoo, secured the last place. Avoid at all costs! – unless you have a cherished desire to write your emails under complete surveillance and insecurity.
Explanation of data protection features
End-to-end encryption (E2E) and Pretty Good Privacy (PGP):
E2E is one of the most important security features of modern email clients. It ensures that only the sender and the recipient can read the content of a message. The message is encrypted on the sender's device and only decrypted on the recipient's device. Even the client provider cannot view the content.
On the other hand, PGP is an encryption system for email that secures communications between senders and recipients. It uses a pair of keys - a public one for encryption and a private one for decryption - to ensure that only the intended recipient can read the message. PGP not only provides confidentiality but also the ability to verify the authenticity of the sender, making it a powerful tool for secure digital communication.
No usage logs: Privacy-friendly email clients do not collect or store user data and metadata. They do not log IP addresses, location data or other personal information of users.
Open-Source: If the source code of an app is openly accessible, this means that the program's compliance with data protection standards can be independently verified.
Anonymous registration: Some email clients allow you to create accounts without providing personal information such as your name or phone number. This increases user anonymity.
IP address obfuscation: Some email clients offer the option to hide the IP address of the person sending the email. This makes it more difficult for third parties to determine the location or identity of the user.
phishing and malware protection:Many email clients have built-in protection features against phishing attacks and malware. They scan incoming emails and attachments for suspicious content and warn users about potential threats.
Privacy by default: Secure email clients are configured with privacy-friendly settings by default. These include, for example, disabling tracking pixels or blocking external content. Tracking pixels are tiny, invisible images in emails that tell the person sending the email whether and when the email was opened, as well as other information such as the location or the device used by the person receiving the email.
EN 
DE_DE