Like many others, I tend to keep e-mails unless I have a good reason to delete it.
Free storage and easy retrieval from wherever I might be makes it the ultimate reference library.
Yes, I know — anything you do or store online should be considered public information — but e-mails only leak from high-profile individuals, like presidential candidates and other famous people, right?
Wrong.
A couple of months ago, Yahoo confirmed that data associated with at least 500 million users had been stolen — in what is believed to one of the largest security breaches ever.
Another dark secret of the web mail providers is what is referred to as “Lookthrough” privileges — in short, the your provider parses and reads your e-mails to learn something about you. Quandl, a provider of data for investment professionals, is one of the companies buying data derived from looking into people’s e-mails. Take this description from their blog, posted on Oct 13, 2016:
“…we have been partnering with companies that have “lookthrough” to consumer emails. Companies like Mail.com at one end of the size spectrum to Google (Alphabet) at the other, have natural visibility into email. Any software company offering email clients or add-ons of some sort often get lookthrough as well. Productivity, accounting and note management app creators also often have visibility into email receipts.
Partnerships with firms like these give us access to a continually updated corpus of millions of anonymized emails. Meticulous parsing of this corpus leads to a beautifully granular database of single transactions. Intelligent querying of this database can then offer amazing, near real-time insights on all kinds of things.
So not only are you at the mercy of the technology companies providing secure infrastructure so that your e-mails aren’t hacked, you are also at the mercy of them making sure that whatever information they may read in your e-mail and later sell is actually properly “anonymized”.
This has shattered my sense of security.
So I decided it was time to clean up my personal e-mails, and I embarked on something that almost became a travel back in time, through tens of thousands of e-mails. As I sorted through junk I occasionally found treasures and also surprises.
However, throughout this journey I had one thought at the back of my mind: What if I had hacked into my e-mail and was going through the messages with malicious intent — what would my e-mails reveal about me?
The list is long. Apart from the obvious, like who you communicate with etc., it would include:
Purchase receipts: Revealing where I live, work, what I wear, and in what sizes.
Usernames: Have you ever forgotten a user name and clicked the “Forgot username” link on a site? It will often send you an e-mail with your username. If you don’t delete it — hackers now I have access to one of the essential pieces of information, and just need your password next…
Site registrations: Welcome to this and that site — also often reveals user names.
Vehicle information: Yes — communication with my dealer would reveal what car I drive, what model and year. To top it off, the Vehicle Renewal E-mails from the State revealed my license plate information.
Your birth date: I happen to get birthday congratulatory messages.
Information about your children: Names and grades of children were revealed due to a variety of notification e-mails from the school district.
Travel plans: Where you you get your itineraries and boarding passes? Your e-mail…
Tax returns: Communication with CPA is often through e-mails — perhaps you’ve gotten a tax return for review prior to submittal?
Medical records and conditions information: Based on insurance and provider information.
Your signature: Thank you, Square — for exposing my signature in the e-mail receipts.
Friend’s private photos and videos: Things they’ve shared with “unlisted” feature, thinking its secure
Pizza preferences
Whether or not you own firearms
Which sports you follow
Chat transcripts from interactions with support (you often reveal additional information)
Scanned information — you scan a document and send it to your e-mail.
In short, your e-mail is a trove of information, ranging from junk to gold to hackers. You must take steps to limit your exposure, as the information may not be as safe as you think.
Here is my recommendation on what to do to take a proactive information management approach to the e-mail mess:
Clean up your e-mail. It will take some time, but will be well worth it. I cleaned out 25,000 e-mails over two weeks, in small bursts of energy.
Change your default thinking: Unless you must keep the e-mail — delete it.
Setup rules and automation that delete all e-mails older than 30 days.
Be smart about passwords — do NOT re-use them on different sites.
Use multiple e-mail accounts to spread the risk.
If you have information that you truly want to keep, load it onto a USB stick and keep it on a computer that is not connected to the internet.
Fortunately, most work places already have such routines in place — but the often overlooked place is your own, personal information.
Vik Bulletin 