
Fastmail: Staff access to your data - guims767
https://www.fastmail.com/help/ourservice/security.html#staffaccess
======
brongondwana
Yes, though not routinely... but if you need help with something and we need
to see your data for that, our support team will ask for your permission and
then take a look for you.

Also: if we have credible evidence that your account has been misbehaving
(e.g. spams, scams, etc with the headers that show they originated from your
authenticated connection) then we'll investigate to see if you're a bad actor
breaking our terms of service or just some poor soul who had their credentials
stolen.

And if your account is the subject of an Australian warrant, and a judge has
been convinced that there's cause to access your individual data, then we
don't place ourselves above the law. We consider ourselves good citizens of
the world, and that includes working with law enforcement where they have a
warrant.

What we don't do is sell your data or profile you in order to allow you to be
targeted by those wishing to exert undue influence based on knowledge gleaned
from your private communications. That's the privacy that's being bought and
sold by many in the current world, and leading to poor consequences. We stand
firm against the sale and manipulation of people's private electronic memory.

We don't snoop on you, but we'll help you fix your account if you mess it up,
and we'll get your access back if you forget your password (a friend of mine
lost her entire email history when she forgot her password while using one of
the heavy encryption services... oops. Security is about availability and
integrity as well).

Our support team is on your side, because we only have one paymaster, and
that's our customer.

~~~
whamlastxmas
Can you please consider improving the notes function of your product? I really
want to have better fastmail integration in my life and not having to rely on
a third party app for something as simple as notes would help a lot.

------
throwaway9d0291
For all their policies, they're still subject to Australia's "NSL" equivalent
that requires they disclose data to law enforcement without notifying you, and
in the case of certain agencies, without a warrant.

Their servers are also located in the US, so they're accessible to
three-letter agencies as well.

I recently switched to a German service. Data can still be silently disclosed
but only if there's imminent danger or a judge issues a warrant. Of course the
service is covered by GDPR and European regulators as well.

~~~
QuixoticQuibit
Who’s this German provider and how do they compare in terms of
pricing/features/UX to Fastmail?

~~~
throwaway9d0291
I use mailbox.org but there's a list of others here:
[https://thatoneprivacysite.net/email-comparison/#simple-emai...](https://thatoneprivacysite.net/email-comparison/#simple-email-comparison)

For me mailbox.org ended up being slightly cheaper.

In terms of features and UX I've found them comparable.

------
roenxi
Fastmail has a fair Australian presence; my limited understanding is that
Australian law forbids secure-by-design encryption pipelines - so someone in
Fastmail can read your email.

Whether or not that person works in support is an interesting but somewhat
minor detail. It would be advisable not to use an Australian provider for your
data if that is important to you.

~~~
throwaway9d0291
> my limited understanding is that Australian law forbids secure-by-design
> encryption pipelines

This understanding is wrong. Secure encryption is perfectly legal, tech media
simply likes to overreact to laws without actually reading them.

The underlying law that led to this widespread misconception requires
Australian companies to assist law enforcement in acquiring communications but
only when it can be done in such a way that nobody else is affected [0].

The example I usually use to illustrate what this means is:

- The law could potentially compel WhatsApp to add code to their application
that checks for a particular hard-coded user ID (i.e. new IDs have to be
pushed through the app signing and update process) and when the user with that
ID sends or receives a message, a plaintext copy is sent to law enforcement.

- The law could _not_ compel WhatsApp to add a law enforcement key to every
message or to otherwise weaken their encryption or security in any way.

[0]: [http://classic.austlii.edu.au/au/legis/cth/consol_act/ta1997...](http://classic.austlii.edu.au/au/legis/cth/consol_act/ta1997214/s317zg.html)

~~~
roenxi
That doesn't sound secure. What that is describing is that third parties can
easily intercept my data. It isn't a huge deal because email is by nature
quite insecure; but if I cared about other people reading my emails the law is
a bit of a problem. At some point these companies will probably leak data onto
the public internet (if the Panama papers can leak, anything can).

Secure by design includes ideas like the pipe forgetting what it transmitted
after it finishes transmitting it.

~~~
throwaway9d0291
It isn't secure and I wasn't saying it was secure. What I was saying is that
the law gives you no less technical protection than you had before the law.

Importantly, the law doesn't compel you to have any interception capabilities.
If you publish open-source code with verified and reproducible builds, the
government can't really ask you to do anything, as doing so would either alert
the people they're targeting or compromise the security of people unrelated to
the investigation.

And I don't think this is any different to anywhere else. The FBI for example
has been able to gain access to encryption keys in the past so I see no reason
why signing keys would be any different.

------
lazyjones
It's obvious that someone who has to process your stuff in plain, unencrypted
form (e.g. for spam filtering) can also access it when debugging etc.

Apparently they have strict policies in place to first ask users for consent
whenever they need to, seems good to me (happy customer of pobox since
1997 / fastmail since 2013).

------
mikece
To me, Fastmail is the option if you want inexpensive, reliable email where
there will be ZERO reading of your email by bots to build a marketing profile
of you to be sold to whoever wants to buy it. Anyone presenting a legitimate
warrant is going to get access to your content and I'm not trying to hide from
those people.

------
wereHamster
Any data that leaves your own device unencrypted can be read by other people.
Is that newsworthy?

------
guims767
Support asked me to authorize their access by replying "OK" to an email from
them. I asked to know more about this and they said that only trained engineers
will access my data, and that they would wait for me to reply OK to their
email before doing so...

~~~
enz
So, the team is being pretty transparent and explicitly waits for your
approval. So, I guess it’s a good point, right?

~~~
ishitatsuyuki
I think the point is that the permission management is manual, not
systematic.

~~~
guims767
At least it'd be good to have an automated email when someone from support
accesses your data, with what data was accessed, when and by whom and for what
purpose (i.e. related to your support request).

