The Privacy Community is MAD...here's why (+ my recommendations)

00:00

Something happened last week that got a whole lot of people in the privacy and

00:03

tech community really mad. I want to explain what that was,

00:07

give you some of my thoughts. But most importantly,

00:09

I want to share with you the one mistake that I'm noticing a lot of people are

00:12

making with their email security that this whole ordeal has brought to light.

00:18

Now, if you've never heard of Skiff before,

00:20

they are a privacy focused open source email platform that was started in

00:24

2020.

00:25

It was publicly launched in 2021 and most recently it was acquired by Notion in

00:30

2024. Now, the reason that so many people are mad about this Notion acquisition,

00:35

I don't think it has as much to do with the fact that it was a VC backed company

00:39

that was then sold off like so many other VC companies are,

00:42

even though that has something to do with it. I think it's more about the fact

00:45

that we're dealing with email,

00:47

which for many of us is a central form of not just communication but identity.

00:52

It's how we log into all of these different accounts that we create online.

00:56

So when you take that away, and it's so much harder to migrate our email,

01:01

that is why people are frustrated. So let me back up for just a moment.

01:05

If you were a Skiff customer,

01:07

you now have six months to migrate all of your email away from Skiff.

01:11

Now that they've been acquired by Notion,

01:13

none of the accounts that were with Skiff are going to be migrated automatically

01:17

into Notion. So whatever notion decides to do with this technology,

01:21

your account is not going to automatically be created for that.

01:24

So now you have the responsibility over the next six months to move everything

01:28

away from Skiff. Now, here's some of my thoughts. You see,

01:31

I've had a couple of conversations over the past year with Andrew Milch,

01:34

who's the CEO of Skiff. I believe he's now going to be working with Notion.

01:38

I'm not entirely sure about that, but here's the thing, he's a great guy.

01:41

He is super smart and incredibly talented,

01:45

and I have zero doubt that he did everything in his power

01:50

to try to make Skiff work as a standalone company.

01:54

I also know from running my own business how incredibly difficult that is,

01:59

especially if you've got VC backed funding and I don't have that.

02:03

So that's an additional pressure on top to make things work at a much shorter

02:07

timeframe. Now,

02:08

does that mean that I'm happy that they sold to Notion that they're shutting

02:11

down all of their services and forcing users to migrate away in six months?

02:15

Absolutely not. And I empathize with any of you that are having to go through

02:19

this right now. But we also don't yet know what was happening behind the scenes.

02:23

What was the health of the company, the financials?

02:25

What was the offer given by notion? And frankly, we may never know,

02:29

but I'm trying to reserve judgment because we don't know all of these things.

02:33

And this is a big part of the equation as to why S Skiff was sold to Notion.

02:37

I think there are two things that we can learn from this though.

02:39

One being a mistake that many of us have made. The first is this,

02:43

no matter what privacy and security services you're using,

02:46

and no matter how long they've been active,

02:48

there's always a risk that they will go out of business,

02:51

that they will be acquired or that something else will happen that will render

02:53

those services ineffective. Yes, that is super frustrating,

02:58

but it's also a reality that we all have to deal with.

03:01

And you need to be able to understand when you're going in and using one of

03:03

these services, what does it look like if that service were to go away?

03:07

And this is especially true for email,

03:11

which leads me to my second point about the mistake I've been seeing a lot of

03:14

people make with their email.

03:15

Whether you are using Gmail or Outlook or Yahoo or even Privacy alternatives

03:20

like Proton Mail or Tota,

03:22

when you use an email as an identity to create all of these accounts online,

03:26

if you use the native email address for each of these companies,

03:30

you are trusting that they are going to be around for the long haul. Now,

03:34

that might be a good bet for companies like Microsoft and Google,

03:37

but what about all these other companies? I've personally visited the proton

03:41

offices in Switzerland and seen the hundreds of people that work diligently to

03:45

create an amazing security product that they have.

03:47

And I've talked with Andy Yen, their CEO,

03:49

who said time and again that they have no plans to sell.

03:52

That's not how the company was set up. However,

03:56

the mistake I see people make is that they are relying on these company

04:01

URLs to build their entire online identity.

04:04

Users who adopted [email protected] email address for their online identity

04:09

are going to find it so much harder to migrate away because now it's more than

04:13

just migrating.

04:14

Now they have to go into all of these accounts and change the email,

04:17

and sometimes that's really, really hard to do.

04:19

The alternative that I recommend is having a custom URL for your email I use

04:24

at all Things secured for this company.

04:26

I have a personal custom URL that I use and I set that up with proton

04:31

mail so that even though I'm using proton mail's inbox,

04:34

the email address is one that I own. And if I needed to, I could easily migrate,

04:39

migrate that away elsewhere to some other email provider.

04:43

If I rely on at Proton mail or at Skiff or even at Gmail,

04:48

I am relying too much on those companies as opposed to owning the email address

04:53

that people are using to send and receive communications to me at the end of the

04:56

day. Here are my three recommendations. First, if you are a current Skiff user,

05:01

I suggest you head on to something like Proton Mail.

05:03

They've been around for over 10 years. They've produced great products,

05:07

I trust them, and I've been and visited their offices.

05:10

They have a great team that is producing an excellent product. Second,

05:15

consider buying a custom URL. It's really not that expensive,

05:19

an average of about $15 a year.

05:21

And every single one of these email providers will allow you to set up that

05:24

custom domain as your primary email address. So whether that's Google with Gmail

05:29

Outlook or even proton mail,

05:30

you can set up your own custom domain and have all of those emails come into

05:35

that inbox while still using the company domain as well. And finally,

05:39

number three,

05:40

recognize that most things having to do with privacy and security are a process.

05:45

I don't think that once you set up this custom domain for your email that you

05:48

need to go through and change everything, go back through all of your accounts.

05:52

It just means that from now on you have an email address that you own.

05:56

That you can take with you wherever you want to go.

05:59

You can still use a throwaway Gmail account or an email alias or even the native

06:04

proton mail email that they give you,

06:06

but now you have a choice and you have one that you own.

06:09

And I think that's really important when we consider the security of our email

06:12

and what it would take to move away if something like Skiff were to happen to

06:17

anybody else. I hope that makes sense.

06:19

I don't normally do these kind of unscripted videos,

06:21

so you can let me know what you think in the comments below.

06:24

And if you do like these kind of videos that help you think through your

06:27

security and privacy strategy,

06:29

make sure you subscribe to all Things Secured because I've got a lot more of

06:32

this stuff coming up.