Am I just too paranoid about email?
Since Google has all my email, I am not willing to give any other company access to it. It's bad enough that I already rely on Google, mostly for historical reasons, but they at least take security as one of their top priorities. Sure, the three letter agencies might have a copy, even if I'm a "good guy", but I assume that at least they won't sell the data?
> Am I just too paranoid about email?
You are not. I always say your email account is the most valuable thing you own. You need to keep it more secure than even your bank account (because that is easy to recover and rollback if stolen)
My password manager and email are the two things I own that require three factors to access - username, password, and hardware authenticator.
No way in hell I’m going to even consider using a new webmail product from a small startup.
I agree that it's very important not to lose control of your email account. Someone taking it over would be very bad indeed.
On the other hand, I don't have very high expectations when it comes to the security of the actual email messages. I don't control the other end at all. Email infrastructure, software and protocols are old and varied. Keeping those messages secure seems a bit hopeless.
Username and passwords should be considered a single factor, even moreso for email since your username is often your email address and could be considered public information.
The four types of factors are: something you know, something you have, something you are, somewhere you are.
I know my employer wouldn’t be happy about me redirecting my $WORK email to a third party for the purposes of AI mining my email.
It isn’t just paranoia, but also security, compliance, etc… all of which is very high on my employer’s checklist.
So realistically this means that the main use case is probably going to be personal email accounts. So IMO, Notion’s goal should be trying to get people to move their personal accounts first. Then once people get used to the features, they can try to move companies over. Advertising corporate use cases (job offers, expense reports) just doesn’t make much sense to me.
This was also the Gmail playbook when they started too. In addition to dogfooding their own corporate email, Gmail at first was a replacement for personal Yahoo and Hotmail accounts. Then it became useful for companies after people got used to using Gmail for their personal accounts.