Hacker News new | past | comments | ask | show | jobs | submit login

apologies for being off topic, but: I am a long time Fastmail customer, but the law passed in Australia yesterday has me somewhat concerned. Fastmail is an Australian company. Anyone else concerned?

As far as I can tell, it changes nothing, assuming that your email was sent as plain text. Although Fastmail stores your email on encrypted disks [1], it of course has the encryption keys for these disks. Even before the new law, they would have been subject to any Australian search warrant requiring that they hand over your email, and would not have had any technical reason for not complying.

In general, unless you and your correspondents are using PGP or some such, your email is readable by anyone who can obtain a search warrant in the country where your email provider resides. (Protonmail may or may not be an exception [2]).

[1] https://www.fastmail.com/help/ourservice/security.html

[2] https://www.wired.com/2015/10/mr-robot-uses-protonmail-still...

Australian here. The law passed on Thursday is a massive concern, but in the case of an email provider there isn't as much of a change from what they could already do (TCNs aren't necessary -- they fundamentally already have collection capability unless you are using PGP for everything).

However there are some other worrying changes like the fact that TANs and TARs are secret and have no judicial review. Warrants (even the new computer access warrants that were passed in the same bill) have judicial review. But at the end of the day, they'd be serving a warrant to fastmail, not you.

Personally I use mailbox.org, and one of the really nice features is that you can give them a PGP public key and they'll encrypt everything you receive. So in the case of a warrant (though Germany has different laws on that matter) they could, at most, get the contents of new emails.

Author here, I had completely missed that news. It is a bit concerning, you are totally right. I have edited the article to mention it and alternatives, thank you.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact