Interview with Countermail Email Provider
0)Please tell us, what is your role (in the email provider company, where do you stand, owner, marketer, advertiser etc)?
Simon Persson. CEO
1) Does Countermail keep or enforce any logs, IP Addresses, Timestamps, Bandwidth caps, Traffic or other data on users?
We store email logs for one day, but we never store any IP-addresses. Our web-server do not have any hard drives, it’s booted from a CD-ROM, this is done to prevent leakage to any hard drives and give extra protection for our users.
2) What type of Encryption do you use to secure emails?
SSL/HTTPS + OpenPGP, and also disk-encryption on the mail-server. Even incoming unencrypted email will be encrypted to the users public key. So all emails are stored in PGP-encrypted format.
3) Where are your servers located and what jurisdiction do you operate under?
We have our jurisdiction in Sweden, our servers are also here.
4) When a user deletes an email or draft, is it actually deleted? (many mainstream providers keep users email even after deletion)
If you delete it before our backup is processed (at midnight Swedish time) it will be deleted directly and permanently. If you delete it later, it can end up in our backup, we have a 7 day rotating backup, so 7 days is the maximium time. For email providers, a backup is a must. Personally, I would never store any information with a company that does not have backups. In our case the backup is not a security risk, all emails is already PGP-encrypted individually, and the backup itself is always stored on another server, which is also using disk encryption.
5) How do you generally handle requests from law enforcement?
Countermail will not accept an order from any organization or investigative agency that is outside Sweden. If we get a court order from the Swedish police, we can give them some account data, but most of the data is only available in encrypted form, and we don’t log IP-addresses. Since we don’t store account passwords we can’t give out any unencrypted email. More information here: https://support.countermail.com/kb/faq.php?id=56
6) Do you track users in any way with trackers, advertisements, or cookies?
No we don’t, and we will never have any third party script/link on our homepage. For example, script/links to Google Analytics or Facebook could destroy the anonymity for the users. It’s pretty ironic when you see privacy-minded companies have such links…
7) How much do your encrypted email services cost?
It depends on the subscription length and the options: users can buy USB-keys to enable two factor authentication, extra space and an option to use their own domain name. But a typical price for 1 year is $59 (4.91/month), all prices could be found here: https://countermail.com/?p=services