There are many valid reasons that online service providers request, or even require, your phone number. Most are for your protection (honest!).
But there are most definitely scenarios where handing over a phone number isn’t the right thing to do. If so, that rules out any email providers requiring them.
I have a recommendation.
Become a Patron of Ask Leo! and go ad-free!
ProtonMail does not require a phone number or personal information, and also supports forms of encrypted email for privacy. If needed you can upgrade to paid tiers. Understand that without a phone number or recovery email, you may lose the account should you forget the password or get hacked.
Why a phone number?
Conspiracy theories aside, online services want your phone number for one reason: to be able to confirm your identity should you lose your password. Even if you lose your phone — a common concern — your number can quickly be moved to its replacement phone and your ability to confirm your identity remains intact.
I also believe that more services are requiring phone numbers as a way to confirm that you’re legitimate and not going to abuse their systems. Email abuse is rampant, and requiring a phone number provides an additional level of accountability. It’s also something that most email abusers don’t want to provide, thus keeping them off the system.
What I don’t believe is the common conspiracy theory that email services want your phone number in order to track you. There are plenty of ways the big services can track you, if they so desire, without needing your phone number. And, no, I don’t believe we’re being tracked at an individual level anyway. (If you believe we are, then you simply need to step away from all mobile technology.)
Why not a phone number?
Certainly, if you feel that the service will use your number in some way counter to your interests, you don’t want to provide it. I get that. You need an email service that doesn’t require a phone number.
There are two additional reasons people don’t want to share their phone numbers:
- They need to remain anonymous, for whatever reason.
- They don’t have a phone — or mobile phone, as some systems require.
That last one — the requirement that you have a mobile phone able to receive SMS text messages — is the most common deal-breaker I hear of. The next most common concerns I hear are privacy-related.
To address both issues, I recommend ProtonMail. Quoting their website:
ProtonMail is incorporated in Switzerland and all our servers are located in Switzerland. This means all user data is protected by strict Swiss privacy laws.
We use end-to-end encryption and zero access encryption to secure emails. This means even we cannot decrypt and read your emails. As a result, your encrypted emails cannot be shared with third parties.
No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first.
Privacy, security, anonymity — and free.1 Seems like a pretty good deal to me.
About that encryption
I want to clarify one important aspect about encryption.
It’s not really encrypted email.
Truly encrypted email requires the use of decryption software between both the sender and the recipient. Since we can’t control the recipient’s email tools, there’s no way to encrypt an email message and know they’ll be able to securely decrypt it.
To encrypt an email sent to a non-ProtonMail account, you must first specify that encryption is to be used (it’s off by default), and then supply a password for the message.
The recipient will get a link to your message rather than the message itself.
On clicking the “View Secure Message” button, they’ll be taken to a ProtonMail webpage, where they enter the password to view the message.
Obviously, you need to provide the password to the recipient by some other means.
I have to re-emphasize that without a phone number or alternate email address (also optional at ProtonMail), if you lose your account, you lose your account. If you forget your password or your account is somehow hacked (they do support two-factor authentication, by the way, without requiring your phone number), then you have no way to prove you are the rightful account holder, and your account will be lost forever.
There are a variety of other services that may or may not require a phone number or alternate email address.
Here’s one relatively recent list.
Some services are familiar and others may have some caveats (if abuse is suspected, they may suddenly require a phone number), but it’s a good list to review should you find that ProtonMail is not for you.
Another other alternative
Finally, there’s one approach I recently became aware of that would allow you to create an account at providers that require a mobile phone number without having your own mobile phone.
These services provide a phone number you can use for a very short period of time to receive an SMS message. You then walk away from that number, but the account that required a phone number thinks you have one.
Important: you will not be able to receive SMS messages from that number in the future. If you ever need to provide additional verification that you are you via a text message, you will not be able to. You may lose access to your account, or have a significantly more difficult time regaining access.
Needless to say, I can’t recommend this approach in general, since it sets you up to lose your account in even more situations than not having a phone number configured at all. But it might be an appropriate solution for some, as long as you’re aware of the risks going in.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!