2

I wish to move away from big-name freemail and have set up an email account with a small provider that promises privacy. I have an account with an online merchant and changed the contact email from me@bigprovider.com to me@smallprovider.com. I received a confirmation email (at me@bigprovider.com), that my address had been successfully changed to me@smallprovider.com I found this unsettling, because now there is a relationship between both addresses, visible to bignameprovider.com. If I start changing my contact email at other websites I do business with, and the data is brokered/aggregated across these websites, I am no better off privacy-wise –- a profile of my habits and preferences can still be culled. Are there any best practices for this type of situation? Thank you!

rib_melon
  • 21
  • 2
  • It would be hard to completely hide your new email address from bignameprovider. But it's probably not a big deal - the key thing is that bignameprovider can no longer see the content of your emails. – paj28 Jan 23 '17 at 12:15
  • Although not directly relevant to your question, nobody has mentioned the fact that what the online merchant is doing here is good for security - it provides some protection against a black hat taking over the account and changing the password. IMHO this adds a lot more value than you are losing as a result of the accounts being linked. – symcbean Jan 23 '17 at 12:30

1 Answers1

1

You made the link when you changed the e-mail addresses...

A way to avoid this is to use a third e-mail address in between the process. That is, me@bigprovider.com to me@thirdpartyprovider.com to me@smallprovider.com. Or in other words, use some indirection (from one to as many as you want).

The thirdpartyprovider.com should be service that you trust enough (or could be your own server :). As you describe, bigprovider.com will get a notification when you do the first change, and then thirdpartyprovider.com when you do the second (and final) change. Assuming you eventually get rid off of thirdpartyprovider.com or you trust that service enough not to leak any data, the bigprovider.com will not learn the transitive set of relationships: me@bigprovider.com to me@thirdpartyprovider.com to me@smallprovider.com.

If you use different thirdpartyprovider.com for each business/websites you work with... you make more difficult such aggregation of data if there is some data leakage at any of them.

In any case, the online merchant will still learn everything, all the changes. But there is no way to avoid that (not in your scenario at least).

Guille
  • 385
  • 1
  • 9