Greater privacy for your Twitter emails with TLS

Wednesday, 12 March 2014

Protecting users’ privacy is a never-ending process, and we are committed to keeping our users’ information safe. Since mid-January, we have been protecting your emails from Twitter using TLS in the form of StartTLS. StartTLS encrypts emails as they transit between sender and receiver and is designed to prevent snooping. It also ensures that emails you receive from Twitter haven’t been read by other parties on the way to your inbox if your email provider supports TLS.

We’re using StartTLS in addition to other email security protocols we’ve previously enabled like DKIM and DMARC, which prevent spoofing and email forgeries by ensuring emails claiming to be from Twitter were indeed sent by us. These email security protocols are part of our commitment to continuous improvement in privacy protections and complement improvements like our securing of web traffic with forward secrecy and always-on HTTPS.

While we’ve enabled StartTLS for SMTP, that’s not enough to guarantee delivery over TLS. TLS encryption only works if both the sender and receiver of emails support it. We commend those email providers like Gmail & AOL Mail that have turned on TLS and we ask all other providers that haven’t yet to prioritize it. Together, we can protect the privacy of every user.