Don't believe those who loudly claim email can not avoid metadata! They are ignorant of our continuous works on minimizing metadata:
DONE:
- no phone number other identifying data needed
- no cleartext "Subject"
- no cleartext "To"
- randomized "Date"
- no IP addresses
- group/avatar/attachment/etc metadata only contained in encrypted message parts
Upcoming:
- servers to never see cryptographic ID metadata
- remove "threading" and auxilliary headers
- experiment with Sealed Sender
If you have a fediverse account, you can quote this note from your own instance. Search https://chaos.social/users/delta/statuses/115842446685941927 on your instance and quote it. (Note that quoting is not supported in Mastodon.)
RE: https://chaos.social/@delta/115842446685941927
Encrypted content / headers / transport / etc. are great harm reduction, but by no means is it metadata avoidance (in the strict academic sense of what those words mean when applied to communications systems).
Third party actors (e.g. relay servers / network actors) can build correlative models using the *metadata* inherent in the communication protocol (source, destination, timing, frequency).
We have decades of research demonstrating the power of such models - let's not minimize them.
