My initial motivation for this was the "account 89% full" notice, so I wanted to delete all the old junk to free up some space. But after reviewing what's in there (and I've had that account since ~2004) the opposite sentiment arose: delete everything important, unique, personal. Leave them with the junkyard of various subscriptions, newsletters, just the digital flotsam that's both ambiguous and meaningless -- perfect for appearing both legitimate and irrelevant.
This is like saying the real solution to bad practices of food companies is to exclusively grow your own food, or the answer to anti-repair practices is to only build your own devices, vehicles, etc. Contractors cut corners? Don't try to regulate, just learn carpentry, plumbing, and HVAC plus codes!
Even if it's fun as a hobby, I don't want to be on call for my own basic online services.
That said, I also don't think selfhosting is a realistic solution for most people.
It's not an apples to apples comparison because an administrative warrant served to Google is much different from raiding your home but if they wanted to they could.
At this point, acting as if America (and many parts of the world for that matter) aren't living under an authoritarian government is futile. We still have freedoms but they're trying really hard to take them away from us.
This is where encryption comes in.
https://thblegal.com/news/can-i-be-prosecuted-for-failing-to...
> It has been pointed out to us that since we have our servers in the US, we are under US jurisdiction. We do not believe this to be the case. We do not have a legal presence in the US, no company incorporated in the US, no staff in the US, and no one in the US with login access to any servers located in the US. Even if a US court were to serve us with a court order, subpoena or other instruction to hand over user data, Australian communications and privacy law explicitly forbids us from doing so.
Under TIA Act provisions (such as s180), an authorised officer of a criminal law‑enforcement agency can authorise access to prospective telecommunications data [metadata only; not whole messages] if satisfied it is reasonably necessary for investigating an offence punishable by at least three years’ imprisonment. (In other words, ~any time they want)
Example: the data‑retention regime’s records were being accessed over 350,000 times a year by at least 87 different agencies, including non‑traditional bodies such as local councils and the RSPCA [pet cruelty nonprofit].
Given Australia's population is only 28M, that means roughly 1 in every 80 people gets communications metadata pulled by their own government annually.
The only way to win the game is to not play.
It was a real eye opener to experience how challenging it was to move my data from one Google account to another. Takeout is nice in theory, but there is no equivalent "Takein" service that accepts the data form import to another Google account in the format produced by Takeout! I naively assumed "Export Google calendar from here, import same files to there" but nope, that did not work at all. Maps data was even worse.
EDIT: asking because I've been working on an alternative of sorts. I used GV a lot before I figured I could go without it/Google.
And, possibly most importantly to me right now, my current phone has only a data connection and I make and receive calls using the Voice app. I think SIP eats too much battery and data and doesn't work well for wifi<->lte switching, but it's been a long time since I used it much.
I previously looked at jmp.chat but they didn't really inspire confidence on the security front.
Never used Gmail other than as a throwaway account.
Went many years before I had a Youtube account. Finally made one to upload some videos. I am normally not logged in.
(OK, OK - I was more concerned with them suddenly charging for a "free" service, as well as selling data to commercial enterprises than with them giving to the government).
(OK, OK - I do use Android).
Edit: People are not understanding the humor in the question. I implied I predicted this reality 20 years ago, and he's asking for another prediction 20 years out.
The question is, who do you trust with your private data forever? To me and the parent, the answer is obvious: no one except yourself.
Mozilla backed it with a grant but that was a few years ago.
Someone is going to say self hosted is better and I don't disagree, but there's limits to how much time I can spend on self hosted stuff.
Protonmail also has gone on record stating that they will comply with legal orders from the Swiss government to spy on and turn over the private data of their users.
https://proton.me/blog/climate-activist-arrest
Swiss law has recently gotten significantly more aggressive in recent years, especially wrt to prosecuting climate activists. Criminal damages for drawing with chalk on pavement, for example...
Look up the "Secret Files Scandal" of 1989 and decide for yourself how comfortable you are with Swiss law.
There has been no evidence of this, stop spreading misinformation. They're clear on what they can and can't hand over and what you can do to reduce the information that they can hand over like billing info. For some inexplicable reason people expect a corporation to disregard legal government warrants and subpoenas. Thinking any company would do this is next level delusion. Even if you self-hosted, you wouldn't be able to escape this because it would just end up with you in jail.
The only protection against that is end to end encryption. And to this day Proton has handed over zero data that falls under their E2EE umbrella.
At best, even if you assumed that they were collecting incoming/outgoing emails before encryption it would be nonsensical to think that this wasn't happening to other providers, it's just the nature of email. Nobody who cares about absolute privacy should be using it as a means of critical communication regardless.
The notion that Proton capitulates and somehow hands over your emails or other encrypted data is false and completely unsubstantiated. Unlike Google on the other hand, who will hand over your entire inbox unencrypted with zero issue to DHS/the FBI merely for writing a letter to an attorney:
https://www.washingtonpost.com/investigations/2026/02/03/hom...
https://redact.dev/blog/proton-mail-journalist-suspensions-c...
https://www.reddit.com/r/privacy/comments/1nd07w0/comment/nd...
First I signed up with Proton Mail and added my own domain, they fit the bill for me, YMMV.
Then I did a search in my password manager and went through those accounts.
Then I just let the old account sit there for a year. Each time I got an email from something I cared about I'd log in and change mail.
It's been a year now, and I'm about to terminate the old account. All I get there now is occasional spam.
I really dreaded this, but all in all quite painless. And next time it should be easier since I now own the email domain.
edit: Forgot to mention I use Thunderbird, so old email I archived to local folders. That's part if why I ended with Proton, their IMAP bridge allows me to keep using Thunderbird.
I’ve also had some bad experiences with rates being raised on domains. That still ends up feeling like a risk to me, as the problem of domain squatters has not been solved, and the “solution” being employed seems to be continued rate hikes and exorbitant pricing for “premium” domains. It makes buying a domain for email not seem worth it… or at least not without its own long-term risks.
My current project has been trying to reduce my footprint, by deleting old and unused accounts, so any future migrations will be easier. I’ve found with many sites, this is easier said than done. For example, I deleted my Venmo account at least 2 months ago, yet I just got an email from them yesterday about reviewing privacy settings. Did they delete my account? They sure didn’t delete all my data if I continue to get emails. I’m betting they just set a ‘delete’ flag in the database. The lack of accountability and transparency on these things is really bad.
I've actually split the accounts. I have a Gmail which I use for "throwaway" accounts, like shopping sites where I don't care if I lose access. But it's probably better to exercise some account hygiene and do some spring cleaning every now and then.
There are a million services that assume that if you have access to the email content you are the account holder. Google claims they don't recycle email addresses, but if you lose your domain, the next owner has access to all emails from that point forward.
If something happens and you're unable to renew your domain, are your next of kin out of luck?
I'd say "don't do that". I had a friend pass which I knew had a custom domain for email, I told the relatives they had to be on the ball regarding renewal.
At least my registrar will keep sending invoices for a few months without letting go cough cough, so should be enough time to get the certificate of probate. With that the heirs should be able to get the invoice so they can pay.
For general security, I also use a yubikey for all services that support it, froze credit with all agencies, and added phone support passwords to all my financial institutions.
The failure modes of that are fire/natural disaster, and thieves. Do that, but also have a geographically redundant backup scheme. Either encrypted eg Backblaze or a relatives house in another state.
Overall it’s been an acceptable trade off and I’m glad years ago I switched to a custom domain for email so I can have portability.
I honestly assumed that everyone had a rotten time with Gmail spam filtering but I guess it’s just a me problem. I suppose that means I’m up for an interesting time dealing with it as I move to a custom domain somewhere else.
Anyone have any recommendations for providers that have exceptionally good spam filtering? Hell I’d even just settle for ones that honor “mark as spam,” because Gmail absolutely does not.
I'm getting a lot of emails and between 10-20 spams a day, but that's years of the very careful messages reporting and categorisation.
Similarly with important and "normal" emails - i only get one-two important per week, and marked as such for the same reasons; no false negatives.
Fair point. However...the parent's comment is also fair because the article does a poor job of raising this material fact. You have to click through a sub-article.
It's almost like this article should be tagged (2025) because it's basically a replay of the author's account from 2025.[0]
[0] https://www.theguardian.com/commentisfree/2025/oct/05/palest...
I didn't mention it in op but I also moved to graphene os which tbh feels much better than android has recently.
The request came in April 2025, and the user was notified the following month. That's next to a year for them to hear about it internally and then quit and setup self-hosting prior to today.
For all I know this could be somebody's OpenClaw spouting bullshit. The default credibility of all throwaways is zero and that was even true before 2023.
If you let it influence your opinion in any way you're a fool.
The account is from 2013 but given that profile, I can't give it any credibility. After all, it could be somebody's OpenClaw having been granted control of the account.
Luckily for HN, I actually have a post history. You can use my post history, textual analysis and statistics to make an informed decision about whether I'm a bot or not. Whether I'm being consistent or spouting any random bs.
The account I was responding to doesn't have anything.
> The account is from 2013 but given that profile, I can't give it any credibility.
What's in my profile is a statistical fact. It's there as a reminder, to me, not to expect everyone to see the world the same way that I do. To be comfortable with strong disagreement.
Just a hair shy of half the population is below average intelligence. Roughly 1 in 4 people has a cognitive impairment. This is of any age but trends upwards with age, reaching 2 in 3 by age 70. 1 in 4 Americans take psychiatric medication. 1 in 4 participates in illegal drug use. We haven't even touched on alcohol abuse.
My profile statement is just objective reality, whether you're comfortable with being stated openly or not.
This is a violation of the guidelines: "Throwaway accounts are ok for sensitive information, but please don't create accounts routinely. HN is a community—users should have an identity that others can relate to."
This just proves my point to discount what you say. You're basically admitting to being a pest.
You don't have to dox yourself, but people have to be able to at least call you out on consistency. There needs to be some indication that you're not _just_ a sockpuppet.
Otherwise I don't have any justification to engage with your expressions seriously.
- iCloud Backup (including device and Messages backup)
- iCloud Drive
- Photos
- Notes
- Reminders
- Safari Bookmarks
- Siri Shortcuts
- Voice Memos
- Wallet passes
- Freeform
A reasonable approach might be to use an iPhone with a privacy respecting email provider.
On a more practical level, forcing them to go to court might not be much better. If this went to a FISA court, those are essentially rubber stamps and give nearly 100% approval.
Did you not understand it at the time? Did you not see the news stories? This isn't rhetoric, I'm genuinely curious. It's been public knowledge for a long long time that Google hands data over to the USG without a warrant (likely without even Google eyes on the request, via automated means).
What changed that this story was the one that made you react?
Also remember, that when you exchange email with people who use GMail, then they've got you again.