There are many reasons why emails are not private and must always be saved or sent with the understanding that emails are public and can be disclosed to anyone other than the intended recipients.
If you followed the US presidential election, you probably noticed that hackers stole targeted emails and Wikileaks released them gradually which some claim changed the voter decision and the outcome of the elections. This is just one of the reasons that email users must be convinced that emails are not private. This highly publicized incident is not an isolated case yet it made email users aware that emails can become public at any time.
Email hacking is not the only way emails can become public information. Based on my personal experience on a few occasions when I was having email conversations, coworkers and friends forwarded my emails to other parties but the problem was that I had not worded the emails in a manner that would be acceptable or appropriate to be forwarded to other parties. That said, there was no malicious intention on the part of my coworkers (except in a few rare occasions) when emails were forwarded and often it was out of laziness to start a new email that they forwarded my message to other parties whom they thought might benefit, but the emails were not worded for other parties, specially those outside of the company.
Therefore emails must always be written and sent as if the entire world is going to see them. There is a difference between emails which contain sensitive or private information vs emails which have inappropriate information, wording, or formatting which may not be intended for others besides the intended recipients. Disclosed private or confidential information contained in emails can pose much greater damage to other parties other than the email sender. For example, private information about an entity’s business strategy or emails with sensitive attachments can cause far greater damage to many parties than inappropriate, casual, or funny emails which may negatively affect the reputation of the email sender.
Thirdly, email users must remember that whether they use their company email system or a public email such as Yahoo Mail or Gmail, the IT folks who manage the email servers and anyone else who has administrative access to the email systems can not only read the emails, but can also run software to flag emails which contain selected words to identify the senders, sell the info to marketers, or even notify law enforcement. This is not a myth. There are many rumors that some companies which collect consumer information have been selling or sharing that information with government agencies. When sending emails or even posting private information on social media, I would never assume that my information is private no matter how many privacy settings I select to protect my information.
Lastly, company computers or public computers may deploy spyware to read their computer user messages for a variety of reasons whether it is to steal data, or monitor employees for compliance and wrongdoing. There are no laws that prevent companies from monitoring employee emails or other activities performed on the company owned computers as long as the company notifies employees about its intent.
The fact is that nothing in our digital world is private. In fact, privacy is a myth in a sense that our privacy laws are limited to personal information such as name, address, and phone numbers which are easily obtainable in the public domain anyway. In fact, Facebook users post plenty of personal information in their accounts for their friends and sometimes the public to see. Plus, privacy laws are primarily concerned with consumer notification of hacking incidents and not preventing email hacks. In other words, once our emails are hacked and released to the public, what good is a notification and what remediation steps can companies take to make the emails private again? The answer is NONE. Once a digital content is posted to the web, it’s public, period. The only way to protect digital data is to store them on machines which are not connected to the Internet. Then again, the machines must be protected against physical access and harm.
Until a software is developed to read our minds which will further complicate privacy issues, we should be careful about what we write down and send to others.