The government can subpoena your own server in your own house just as easily as they can subpoena Google's servers.
So who are you hiding from? If it's the government, then you must use strong cryptography no matter where you host your email, and you must ensure that everyone you communicate with is as paranoid as you. (I would encrypt all my email, but nobody else I talk too will. So it doesn't work.) If it's advertisers you want to avoid, just run your own server and stop worrying so much. People have been doing it for years.
(Although, I run my own mailserver and am inundated with spam. Thousands of messages a day. So you aren't really avoiding advertisements, you are just avoiding advertisements for stuff you might actually want :)
Yes, but if it's in your house, you at least know it happened and can try and fight it. If google hands over your data you may never know. I think in many cases they'd likely be barred from telling you even if they wanted to.
Yes, good point. And if the disks are encrypted, you will definitely know about it, because they won't be getting any data without you. (Unless the email police broke AES or the key-strengthening algorithm and haven't told anyone yet. This is unlikely, however.)
On the other hand, Google has a lot of resources and lawyers to fight off the government if they come knocking, and they've been known to fight to the max in the past.
You? Not so much. If the FBI shows up at your door, you're toast.
On you own server you decide what and for how long data will be stored.
In the government wants your server you can format your hard drive if you want (or whatever you think is fit). I bet you can't do that if your mail is on google (or yahoo, msn, etc for that matters)
In the government wants your server you can format your hard drive if you want.
That is illegal and ineffective. Full-disk encryption provides much more safety, both legally and technically. (They could still sneak into your house and install a hardware keylogger that gets your encryption passphrase, and then seize the disks. But this is real life, not a movie.)
Well, they do have hardware to seize a running server without shutting it down (by splicing into the power cables/power lines at the wall plate and introducing battery power). How secure is a running machine sitting in a forensic lab? If you're receiving mail from the net your disk is necessarily unencrypted, right? I guess you would also need some sort of dead-man trigger. Suggestions?
Not hiding from anyone, or especially worried—I was just inquiring if Google Apps Premium (or Standard) would address the grandparent's privacy concern: thought maybe there was a clause in the T&Cs I missed or similar.
Fair enough for Iranian/Chinese users perhaps but I thought Hushmail was no longer secure - ever since they handed over user data in response to a subpoena.
There's nothing wrong with handing over data in response to a subpoena. They're legally required to do so. The problem is with providers who hand over data without a subpoena.
They didn't, but the they were forced to setup something on their servers that allowed them to capture the keys (or something like that) in one particular instance, IIRC.
