Email Providers

In this guide we investigate ethical and environmental records of 16 email providers and give our Best Buy recommendations.

We also take a closer look at email security, the environmental record of companies, the telecommunications company BT and shine a spotlight on web giant Google.

About Ethical Consumer

This is a product guide from Ethical Consumer, the UK's leading alternative consumer organisation. Since 1989 we've been researching and recording the social and environmental records of companies, and making the results available to you in a simple format.

What to buy

What to look for when choosing an email provider:

  • Is the company a co-operative? There are some smaller, co-operatively run and not-for-profit companies to look out for in this sector.

  • Does the company treat your communications securely? Use independent email services that are run by media activist collectives. They don't give email records to the government and have pledged to tell the public if they are forced to, so you will know about it.

Best Buys

The companies below have been recommended as Best Buys because they were set up to be alternatives to mainstream companies.

What not to buy

What to avoid when choosing an email provider:

  • Is it a tax avoider? Try and avoid email providers that are owned by the big multinational companies involved in tax avoidance, as well as those companies that are not taking security issues seriously enough.

Companies to avoid

There is one company, Microsoft, that scores particularly badly on the table and should be avoided. Its brands are:

  • Hotmail
  • Outlook

Score table

Updated live from our research database

← Swipe left / right to view table contents →
Brand Score(out of 20)

GreenNet email

Company Profile: GreenNet Educational Trust
15

The Phone Co-op

Company Profile: Phone Co-op Ltd
14.5

Riseup email

Company Profile: The Riseup Collective
13.5

Excite Europe email

Company Profile: Excite UK
12.5

1&1 email

Company Profile: 1&1 Mail & Media Inc.
11.5

GMX email

Company Profile: 1&1 Mail & Media Inc.
11.5

Excite.com email

Company Profile: Excite
10.5

AOL

Company Profile: AOL Inc
9.5

Lycos email

Company Profile: Lycos
9

Yahoo! Mail

Company Profile: Yahoo! Inc
8.5

TalkTalk email

Company Profile: TalkTalk Group
8

Apple iCloud

Company Profile: Apple Inc
7

BT email

Company Profile: BT Group Plc
7

Gmail

Company Profile: Google Inc
6

Hotmail.com

Company Profile: Microsoft Corporation
5.5

Outlook.com

Company Profile: Microsoft Corporation
5.5

What is most important to you?

Animals
Environment
People
Politics
Product sustainability

Our Analysis

This Product Guide covers companies that are solely email providers such as Excite or Yahoo!, alongside Internet Service Providers (ISPs) that provide their customers with an email service alongside internet access.

The ISPs included in the table are: AOL, BT, GreenNet, The Phone Co-op and TalkTalk.It may not be possible to have an email-only service with them.

Email security

Google’s statement to a Californian court that its Gmail users have “no legitimate expectation of privacy” is wake up call for anyone using the company’s services. There are plenty of other choices on the table and we recommend that you pick one of them instead.

You can boost your email security by using encryption. According to Edward Snowden: “Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.”

Use independent email services that are run by media activist collectives. Unlike corporate providers, they will not give your emails to the authorities without a warrant and a legal fight. If that happens, they will make it public if they can, so you (and thousands of other activists) will know about it.  

We suggest riseup.net or aktivix.org

For a more in depth information see the Tech Tools for Activism guide from Flossmanuals.

This also includes more advanced options such as encrypting email and securely uploading media to the net.

BT or not to be?

BT announced in May 2013 that it was ditching Yahoo! as the provider of BT email after customer accounts were repeatedly hacked. Internet security experts reportedly claimed that “criminals had used an international network of hijacked computers to mount the attacks on Yahoo!”2

In March 2014 the BBC reported that the Information Commissioner’s Office (ICO) was looking into how the company was handling customers’ data during the switch-over to a new company, California-based Critical Path. A whistleblower claimed the process was insecure.3

BT has been the focus of pro-Palestinian protesters due to its commercial relationship with Bezeq, a company that provides telecommunications services to illegal Israeli settlements in the West Bank. “BT is complicit in Israel’s crimes against the Palestinian people”, said War on Want in 2010. “Tell BT to hang up on the Occupation”.

Edward Snowden

State Surveillance & Corporate Complicity

Several years ago the media has been published documents released by Edward Snowden, a former contractor of the National Security Agency (NSA), the communications interception specialist intelligence agency of the United States.

The Snowden files, which continue to be drip fed to news agencies such as the Guardian, reveal a number of mass surveillance programmes undertaken by the NSA and its British counterpart the Government Communications Headquarters (GCHQ).

The revelations lay bare the agencies’ ability and willingness to access information stored by the major internet companies as well as mass-intercept data from fibre optic cables which make up the backbone of global phone and internet networks.

The situation has raised a number of concerns, not least the scale of global monitoring of the communications technology sector and the extent to which private companies, including many popular consumer brands, are cooperating with intelligence agencies. The extent of corporate complicity is, however, still a matter for debate.

Many of the companies implicated in the Snowden files (or that have colluded with oppressive regimes in order to operate in those markets) have taken a public policy position opposing mass surveillance, aimed at regaining the trust of their customers.

Google boss Larry Page and Facebook co-founder Mark Zuckerberg have both denied co-operatingwith NSA surveillance programmes such as PRISM.

Page claimed:

“We have not joined any program that would give the US government or any other government direct access to our servers”. 

In a public Facebook message, Zuckerberg said:

“We have never received a blanket request or court order from any government agency asking for information or metadata in bulk…and if we did, we would fight it aggressively... We strongly encourage all governments to be much more transparent about all programs aimed at keeping the public safe.”

Snowden has also criticised Amazon, who were notable by their absence from any of the PRISM documents, for “leaking info like a sieve”. At a recent conference Snowden explained that intelligence agencies are currently able to monitor whatever you read on the Amazon website, and asked why the company was failing to implement proper website encryption.

In August 2013 a French consumer rights group named Google and other internet companies as potential accomplices to the NSA and FBI. The prosecutor’s office in Paris has now launched a preliminary investigation into the companies’ complicity with the PRISM surveillance programme.

The issues for consumers

Anna Fielder, Chair of Privacy International, believes that the big issue for consumers is that they are no longer in control of their personal information. She says the biggest areas of contention are automated profiling and the transfer of personal data.

Automated profiling is the collection and use of pieces of information about individuals to make assumptions about them and their future behaviour. This can, of course, be done by corporations and governments alike.
 

Anna told Ethical Consumer:

“We have to ask ourselves: “Has it gone too far?” In the age of infinite data collection (so-called big data) and hundreds of databases holding personal information, disparate pieces of information can be combined and recombined to produce new information about you, more than you would know yourself. Profiling is likely to perpetuate and reinforce societal inequality, so it must be carefully monitored.”

Legal action by Privacy International and others has forced an admission from the British government of a secret policy for mass surveillance of residents’ Facebook and Google use. Britain’s top counter-terrorism official has claimed that the indiscriminate interception of these communications is legal as they are ‘external communications’ which use web-based platforms based in the US.

In regard to the transfer of your personal data to third countries, Anna told us, “as most of the mass market internet corporations are US companies (Google, Facebook, Amazon, etc.), we are talking really about transfers to the US which has very weak data protection laws. There’s an agreement between the UK and USA on data transfers – called Safe Harbor – but it’s not very safe. It’s voluntary, companies cheat and it has not been enforced properly.”

Transparency initiatives

The best information we have at the moment about state monitoring of internet communications is from voluntary company transparency initiatives. Under pressure from organisations such as the Electronic Frontier Foundation, a privacy watchdog group, companies are now beginning to produce transparency reports in order to reassure consumers and be seen to do the right thing.

The mobile phone network provider Vodafone’s first transparency report, released in June, was the first to cover a global dataset. It made grim reading and demonstrated the extent to which corporations and states are colluding.

The company admitted that in six of the 29 countries where it operates, governments enjoy direct access to communications on its network. In some countries police have a direct link to customers’ phone calls and web communications and no warrant to intercept communications is needed. Human rights organisation Liberty called the government powers “terrifying”.

The report also gave a breakdown of lawful intercept requests and communications data requests for the 29 countries in which Vodafone operates. Italy made 139,962 interception requests in total and 605,601 communications requests to Vodafone alone. By comparison the UK government made 2,760 interception requests and 514,608 communications data requests to all mobile phone operators in 2013. 

Internet giant Facebook reported earlier this year that it received requests from governments and courts around the world about over 70,000 users in 2013. The United States counts for 50% of these requests. The vast majority were related to criminal cases and were made by government officials as part of official investigations. Facebook also received 10,000 requests by agencies such as the NSA and the Federal Bureau of Investigation (FBI). These requests usually regard investigation “to protect against international terrorism or clandestine intelligence activities.” 

According to the project ‘Silk’, a transparency reports database, the number of inquiries that governments globally have submitted to the major telecommunication and internet companies of the western world amounted to more than 828,000 requests for users’ data in 2013.

The United States is the world’s most inquisitive country by a big margin, with over 730,000 requests, which corresponds to 3,000 requests for each million of the country’s internet users. It is followed by Australia (47,000 requests), Germany (30,000 requests), France (22,000 requests) and the United Kingdom (10,000 requests).

Some of these requests have been coming from countries with dubious democratic standards. For example, Turkey submitted 12,000 data requests to companies when protests in Turkey started to escalate in 2013. The Turkish government responded with arrests of journalists and attempts to shut down social media outlets.

Microsoft complied with 76% of Turkey’s requests. No other company contacted by Turkey complied with the exception of Facebook (which complied with 47%). 

The numbers outlined in the various transparency reports are the tip of the iceberg because the reports only contain the requests that authorities file through standard legal procedures, thus excluding data collected through bulk surveillance programmes and unauthorized interceptions, like the NSA’s or GCHQ’s.

Smaller companies fighting back

However, the security services and big business are clearly not having it all their own way. The release of PRISM files represented the first step in a fight back against the surveillance state and a loss of privacy.

Several smaller alternative Internet Service Providers (ISPs) from around the world have used the information released by Snowden to lodge formal complaints against GCHQ alleging it uses malicious software to break into their networks.

The claims come from seven organisations based in six countries, including our Best Buy ISP GreenNet and popular activist ISP the Riseup Collective.

The claims are being filed with the investigatory powers tribunal (IPT), a court in London that assesses complaints about the agencies’ activities and the misuse of surveillance by government organisations.

The complaint is based on allegations that GCHQ carried out an attack, codenamed Operation Socialist, on the Belgian telecoms group Belgacom, whose customers include the European Commission and Parliament.

Cedric Knight of GreenNet said in a statement: “Our long-established network of NGOs and charities, or simply individuals who value our independent and ethical standpoint, rely on us for a level of integrity they can’t get from mainstream ISPs. Our entire modus operandi is threatened by this illegal and intrusive mass surveillance.”

What can you do

Anna from Privacy International says that the message to consumers in the short term is simple: “Switch away from US corporations providing services.... [move] away from Gmail or Hotmail to one of the very many EU-based email providers. It won’t protect you from GCHQ, but at least you have stronger data protection laws.”

However, she is also clear that there needs to be reform on a policy and legal level. “There are some quick or short term solutions that consumers can take, but ultimately data protection laws need to be strengthened, and the only way that can happen is through political will. Demand that your elected representatives take these issues seriously.”

Energy use online

From social media to music, streaming video, email and commerce, we are increasingly moving much of our lives online. As a consequence global internet traffic has increased dramatically. In 2002, it amounted to 100 Gigabytes per second but by 2012 it had reached 12,000 Gigabytes per second. This is expected to increase threefold by 2017.

This data flows through an infrastructure which includes end-user devices (for example laptops and phones), telecommunication networks and data centre facilities.

According to the Digital Power Group, this infrastructure uses about 1,500 Terawatt hours (TWh) of electricity annually: 10% of world electricity generation. This is equal to the electricity consumption of Japan and Germany combined, or 50% more than the energy used by the global aviation industry.

Viewing it in personal terms helps to give some perspective. Charging up a tablet or smartphone may require a negligible amount of electricity, however if we include the electricity consumption across the whole infrastructure that delivers the signal to it we get a very different picture. Using your device to watch an hour of video per week for a year consumes annually the same electricity as one refrigerator uses in a year.

Greenhouse gas emissions

In terms of carbon footprint, the Boston Consulting Group estimated that internet infrastructure was responsible for releasing 0.9 billion tonnes of greenhouse gases (GHG) per year in 2011 or 1.9% of world emissions. Despite expected efficiency gains, the internet’s carbon footprint is projected to rise to 1.3 billion tonnes of GHG by 2020 or 2.3% of world emissions.

The footprint of end-user devices accounted for 61% of the internet infrastructure’s total emissions in 2011, equivalent to 0.55 billion tonnes of GHG. Telecommunication networks contributed 22% of total emissions (0.20 billion tonnes of GHG in 2011), while data centres’ carbon footprint counted for 17% of total emissions (0.16 billion tonnes of GHG).

The bigger picture

However, if we want to assess the global environmental impact of the internet infrastructure we need to consider that each piece of equipment that powers the web (laptops, servers, antennas, cables, modems, amplifiers, stations etc.) has been manufactured using natural resources such as water, oil and metals. Furthermore we need to consider that several pollutants have been released into the atmosphere and water at different stages.

Data centres

Which companies are storing all of our data, and how are they getting the energy? Greenpeace’s latest report looks at whether those companies are using dirty or clean energy.

While shifting businesses to an online model can create significant gains in energy efficiency, the energy appetite of the internet continues to outstrip those gains thanks to its dramatic growth.

But there is good news to report: since Greenpeace’s last Clicking Clean report in 2012, leading data centre operators have taken key steps towards building a green internet, particularly those companies that have committed to build a 100% renewably-powered platform: Apple, Google and Facebook.

Unfortunately, despite the leadership and innovation demonstrated by green internet pioneers, other companies lag far behind, with little sense of urgency, choosing to paper over their growing dirty energy footprints with status quo solutions such as renewable energy credits and carbon offsets, while rapidly expanding their infrastructure.

Other internet companies have refused to pay even lip service to sustainability, and are simply buying dirty energy straight from the grid. Those companies, most notably Amazon Web Services, are choosing how to power their infrastructure based solely on lowest electricity prices, without consideration of the impact their growing electricity footprints have on human health or the environment. Twitter also lags behind.

Greenpeace’s report rates seven companies featured in our Internet product guides: Apple, Google, Facebook, Yahoo!, Microsoft, Amazon and Twitter. The leaders are Apple, Facebook and Google.

Clean Energy Index – an average of the amount of renewable energy used across the company’s facilities.
ET – Energy Transparency (Scope and level of detail made publicly available on energy consumption of IT infrastructure.)
REC – Renewable Energy Commitment & Siting Policy (Commitment to powering their data centres with renewable energy, including infrastructure siting criteria and investment decisions to increase clean energy use.)
EE – Energy Efficiency & Mitigation (Strategies and measurable progress to mitigate the demand for dirty energy generated by IT infrastructure.)
RD – Renewable Deployment & Advocacy (Measurable progress and commitment to renewable energy investments and advocacy for ambitious policies that encourage wide scale renewable energy generation and use.)

Lobbying against climate change

The Greenpeace report also revealed that Google, Facebook, Microsoft and Yahoo! Inc were members of the American Legislative Exchange Council (ALEC), an organisation that was lobbying against renewable energy laws. ALEC also targeted the US Environmental Protection Agency’s effort to limit global warming pollution from coal-fired power plants.

In addition to their membership in ALEC, Google and Facebook offered political contributions to the Competitive Enterprise Institute, a conservative think tank funded by fossil fuel interests with a history of denying the reality of climate change.

Company profile

Google Inc. was founded in 1998 with $100,000 of start-up funding and a mission “to organize the world’s information and make it universally accessible and useful”.

Forward to 2014 and Google has a market capitalisation of close to £235 billion, ahead of ExxonMobil and second only to Apple as the world’s most valuable company. In the second quarter of 2014 it reported revenues of £9.4bn and profits of £4.8bn (before investment in its own infrastructure, research and development).

It is the dominant search engine in Europe, USA, South America and India. It provides a host of online services through Gmail, Google maps, and YouTube. Its Android operating system powers the majority of mobile devices worldwide, it sells phones and tablets and the accompanying apps.

The majority of these services tie together to form a single ecosystem, a vast network for the collection and mining of personal data. But at heart Google is an advertising business and 90% of its revenue comes from selling online advertising. One third of global advertising spend goes through Google.

During 2014 Google acquired Titan Aerospace (high altitude drone maker), Nest (monitoring of home devices such as thermostats and smoke alarms) and Dropcam (wi-fi video streaming, audio surveillance and sensors). In 2013, it bought Boston Dynamics which makes robots for the US military.

"We know where you are. We know where you’ve been. We can more or less know what you’re thinking about."

 Eric Schmidt, Executive Chairman of Google.

Don’t Be Evil

Tax avoidance, copyright infringement, censorship, market manipulation, political lobbying, privacy violations. It’s fair to say that there are a few concerns and accusations about how Google operates.

Search and censorship

However Google received deserved plaudits in 2010 for ending its self-censorship of search results in mainland China, which led to a ban on its services and effectively a withdrawal from this huge market.

In July 2014 it also enacted a new policy on sexually explicit content, effectively banning the promotion of sex sites with Google’s Adwords (adverts next to search results). The pornography industry has called this a ‘blatant act of censorship’ as a result of pressure from US Christian groups.

In this case we can assume that it is not going to launch a competitor service, as it has done with hotel bookings (Google Hotel Finder), and shopping (Google Shopping).

Competitors allege that Google increasingly tilts search results in favour of its own online commerce offerings as it bundles those services into its industry-dominant search engine, limiting choice and stifling competition.

At a US Senate hearing in 2011, Senator Herb Kohl asked:

“Is it possible for Google to be both an unbiased search engine and at the same time own a vast portfolio of Web-based products and services?”

The European Commission has been probing Google’s search business practices since November 2010. In July 2014 it was reported that the Federal Cartel Office in Germany has prepared a proposal to regulate Google as a utility, due to its dominant market position in search.

One problem for website owners is the inequality caused by Google’s almost complete dominance of web search: to block Google and remove your site from its search index means almost instantly to lose a large proportion of visitors.

Google and privacy

For most people the main reason to avoid Google is to stop being part of a huge data gathering exercise that breaches personal privacy.

As the saying goes, if you aren’t paying for the product, you are the product.

From 2010 to 2014 Google has faced fines and data-deletion orders worldwide for secretly collecting wi-fi network data, including gathering passwords, e-mail and other personal information during its Street View mapping project.

During 2012 the privacy authorities of six EU countries launched an in-depth investigation to assess the compliance of Google’s Privacy Policy with the European Data Protection legislation. This found a number of problems with how the company processed personal data as well as a failure to inform users and provide them with adequate tools to control data collection.

The authorities issued several recommendations, which Google Inc. did not effectively follow up on. Consequently, each jurisdiction individually initiated enforcement proceedings against the company, leading to financial penalties in France and Spain.

In another case the company tried to circumvent UK privacy laws. The company claimed in the British High Court that a case against it should be dismissed as there was “no jurisdiction” for the case to be heard in the UK because its consumer services were not provided by Google UK but its US division.

Google everywhere

How much Google knows about you depends on how many of their products or services you use. All of your personal data across Google’s services is merged into a single database, allowing Google to cross-reference the data across multiple accounts and devices.

First there is your web search history, which builds quite a complete and accurate picture. If you have a Google account, sign in, go to www.google.com/dashboard and take a look at your account history.

All emails sent both to and from a Gmail account will be scanned. Google has said that email users have “no legitimate expectation of privacy”. The statement came in a Californian court case accusing the company of unlawfully opening up and acquiring the content of private email messages in order to target advertising.

Any documents in a Google Drive will similarly be scanned, and a record kept of who you share them with. Google Chat, Talk and Hangout sessions can also be recorded and stored.

Your physical location is known if you use Google Search, visit any of the 15+ million websites using Google Analytics tracking, or use Chrome browser without taking any privacy precautions.

On an Android tablet or phone the GPS tracks your current location by default from Google Maps, Earth and Street View. Google knows which places are of interest to you. It recently bought the ‘community’ navigation app Waze, which has 50 million users all planning and naming their routes and destinations.

If you have an Android phone, the company’s policy also allows for it to know which numbers you call, and when, and for how long. Likely it also knows your home wi-fi password. Do you allow Google Chrome to store login passwords? If so add them to the mix.

Your future plans may be easy to fathom from data in your Google Calendar, Google+ and Gmail accounts. Google Shopping and Wallet will store your credit card or banking information.

Services such as YouTube and Translate are able to use voice recognition.

Google and tax avoidance

In 2012 the UK was Google’s second biggest market, worth almost £3bn. However Google paid just £11.5m in corporation tax in the UK (0.4% of its sales in England) because the sales are billed by Google Ireland Ltd, the Dublin-based subsidiary whose name appears on invoices to most non-US clients.

This Irish subsidiary also paid low corporation tax (£14m) because it channelled £7bn in royalties, through ‘Google Netherlands Holding Bv’, (the Dutch company in between), to Google Ireland Holdings, the Irish/Bermuda resident company which owns the intellectual property that Google Ireland Ltd is licensed to sell.

Thanks to this and other low tax strategies, Google Inc paid foreign taxes of £221m in 2012 on over £7bn in overseas profit. According to Michael Hennigan, Google’s Irish-Dutch sandwich grew to €8.8bn in 2012, this is equivalent to a tax rate of less than 5 per cent.

In December 2012, Google chairman Eric Schmidt defended Google’s schemes to avoid tax. He said that the company paid taxes “in the legally prescribed ways.” and that such schemes were legitimate. “I am very proud of the structure that we set up... It’s called capitalism. We are proudly capitalistic. I’m not confused about this.”

Want to know more?

If you want to find out detailed information about a company and more about its ethical rating, then click on a brand name in the Score table. 

This information is reserved for subscribers only. Don't miss out, become a subscriber today.

Start your 30 day trial today!

Ethics made easy - comprehensive, simple to use, transparent and reliable ethical rankings. Subscribe today for a wealth of data at your fingertips.

We will take payment when you order, but you can cancel by phone or email within 30 days for a full no-questions-asked refund!

Start your 30 day trial today!