What is an email alias and how it protects your privacy
July 21, 2021 · written by Giorgio
An email alias is a unique email address you’ve created that functions like a nickname, or an on-the-fly email address that you can use to use when you need it.
SimpleLogin built an entire business around them, and you may be asking… why?
What’s so special about email aliases?
Well, the underlying technology is quite simple, but grants you way more power than you think right now.
In this article, we’d like to explore why you should consider using one email alias for each service you subscribe to online.
Table of contents
Your email is a gateway to your identity
We cared about privacy online before it was trendy.
Protecting your information such as email address, phone number and credit card should be at the core of every business operating online.
However, there are bad actors that will take your email, personal details, and sell it to the highest bidder (or to government agencies).
HaveIBeenPwned, the main provider of details about all the recent data breaches, states there’s been billions of data breaches in 2021 alone.
Want an example?
Let’s say you see a new offer for the laptop you wanted to buy on siteone.com. You register using your email, firstname.lastname@example.org
Great - your email is now hosted on one database.
Then you see a food delivery in your area, and it’s 25% off! How can you say no to that.
Let’s subscribe with the same email: email@example.com
At night, you go outside, and since COVID-19 is spreading very fast a pub ask you to register with the national health system before entering the venue.
You do that with, you guess it, firstname.lastname@example.org
When you come back home, you’re a little dizzy, and search Google for the best remedies for your hangover.
Google shows a list of useful remedies, and you find a great blog with the best 10 tips for getting yourself together.
However, they want to get your email to download the e-book. You need it, so you enter your email. Again: email@example.com
In this example, which is very real and practical, you entered your email four times in 24 hours.
If you do that every day, it’s 1460 sites, hence 1460 databases, in control of your email address.
Why is it a problem?
Hackers can use your email to gain access to your accounts. To prevent this, you should use an alias to protect your email address. You should only use an alias that is not known and is not in the public domain. If you use your main email address and for instance your email alias on a social site, the information is now out there.
Every. Single. Online. Database. Can. Be. Hacked.
Put that in your mind. Every single one. The TeeSpring data breach leaked over 8 billion email addresses - and they’re a GIANT corporation, not your local small business.
Facebook, Twitter, Google, Amazon, Reddit, all faced problems with hackers getting into their system.
Sometimes they steal your email, sometimes your entire identity such as phone number, credit card, and address.
Every kind of digital service carries some risk, and in life we always have to ponder the risks and benefits of our actions.
However, just as you wouldn’t make yourself vulnerable to a stranger, you shouldn’t do that with random businesses online either.
When you subscribe to their database with your email, you’re giving a total stranger control of your digital address.
It means they can bombard you with emails, give your email to other third parties for advertising purposes, or just straight-out sell your address to bidders online.
Isn’t regulation enough to protect my privacy online?
GDPR, HIPAA, and dozens of other privacy laws are certainly helping, and that’s why the European Union is pioneering the movement towards a healthier, safer internet for everyone.
Privacy and Cookie laws are even being enacted in states like California and Nevada. So, while Europe started it, the entire world is going in that direction.
However, regulations are mainly constructed to restrict giant players, like Google and Facebook, to pursue unethical business practices.
Small players, like your local e-commerce or blog writer, can’t comply to them even if they wanted to. They’re insanely expensive to put in place, and the chance of you being able to actually comply 100% with them is slim.
For example, a service like SimpleLogin can easily comply with GDPR as we don’t need to track any of your data. You sign in to our system, you use it on a GDPR-friendly web hosting, and that’s it.
- process your payment
- store your credit card information
- store your physical address
- require a real email address (yup, of course you can use an alias!)
- read your emails
- store your actions with cookies
We don’t need it, so we don’t do it.
However, small bloggers and e-commerce owners might need to, and we’re not saying you shouldn’t support them just because they can’t afford a 10-people team to oversight the cybersecurity in the company.
Why email aliases protect your identity on websites
So, what’s the solution?
We promise it’s simple, effective, and… free.
It just gets better doesn’t it… ;)
Let’s go back to our example before. You registered to four services:
- an e-commerce to buy the laptop
- a food delivery application
- national health records
- Blog newsletter
with your main email address: firstname.lastname@example.org
If you now want to unsubscribe from the e-commerce, you need to log into your account, delete your username, confirm the action from your email address and hope the e-commerce actually deletes your email from their database.
Then, you need to ask the food delivery app to delete all your information from their database, as they also have access to your physical address.
As of the national health records, you may want to remove your email address from there after the covid19 pandemic ends. You can’t unsubscribe from a government register, so as long as they want to keep your email there they can.
Regarding the newsletter, you have to click the “Unsubscribe” button at the bottom of an email they sent you and hope they delete it forever.
Do you see any problem with this approach?
We see two:
It’s based on trust. You’re trusting these services to delete your email address on their end. There’s no technical confirmation they can give you that they actually did;
It’s not always possible. Government agencies, blocked websites in your country, and internet censorship in general can cause problems when you try to delete yourself from a database.
There’s one simple addition you can have to solve ALL of these difficulties, and go on with your life with ease of mind.
And that’s email aliases.
Do you remember what we said about them at the beginning of the articles?
Great, let’s see how this can be the key to a better life online for you and your family.
An email alias is fundamental to have a kill-switch for every online service you register for
This is what using an email alias for each website / service looks like:
Screenshot from our Chrome Extension
Do you see that great switcher on the right?
Could you guess what it does? 😊
Click it. Aaaaand… puff.
Your email alias is gone. Each service assigned to it will never be able to email you again, sell your address or market to you.
🔥 In ONE click 🔥
Would you agree this is quicker than going through a multi-step unsubscribe process and crossing your finger the provider will go through with their promise?
This also means you don’t have to worry about subscribing to many newsletters that will not interest you anymore in the future.
Get your freedom back… subscribe to whatever you want.
Once you’re done, filter through all your aliases, find the service you’re not interested in anymore, and kill the alias.
It’s that simple, no joke.
It feels like this should be a default feature of “the internet”, right?
Well, that’s why we built SimpleLogin. To let you enjoy the peace of mind that SHOULD come when you decide to give someone your email address.
The right to revoke your consent. Without hassle.
And by the way, this is coming from marketing professionals. We love to give you the best material based on your interests… but only if you want it.
Receiving emails and promotions is like sex. It’s good only if it’s consensual.
Do you have to use SimpleLogin to create email aliases?
Look, we’re a business, and we go through many hassles every single day to make sure our service is fast, responsive and worth your money (or time, if you stay with the free plan).
Our free plan gives you 15 aliases you can use and “kill” whenever you want. Easy.
If you need more, we offer a premium plan for $30 per year, with heavy discounts for families, students and non-profits.
Also, if you’re a business, you can use email aliases to run it without subscribing to Google Suite, and that will save you tons of dollars (article coming about this!).
HOWEVER, this article is not self-promotion. We really wanted to give you a complete, oversight view on how email aliases can protect your digital identity.
We honestly don’t care how you generate the aliases. Just, please, do.
We have a few competitors:
- Firefox Relay
- Apple (only available on iOS)
and, although we believe our features set is richer, you’re free to use them. We see competition in this field as a way to fuel a needed solution in the marketplace rather than something to fight.
Also, our code is open-source, so if you have the technical know-how you can just download it, set it up on your server and run your instance.
For free. All premium features included.
Is this all email aliases can do?
Nope. Email aliases can be used to save money, protect your identity and send secure communication from non-secure addresses (such as Gmail addresses) thanks to PGP.
This means they can help fight government surveillance in countries without freedom of speech online, such as China or Russia, and bundle up with VPNs and proxies nicely to avoid IP tracking from government agencies.
We will explore all the uses of email aliases in our upcoming blog posts, and you can also subscribe to our substack if you’re interested in weekly updates on cybersecurity and tips on how to protect your privacy online.
Remember: the assumption that only bad people need privacy online is ridicolous.
You wouldn’t shout your physical address in a pub even if you only had cute kitties in it - would you?
Your privacy is monumental to your freedom.