Anyone who communicates via e-mails should first realise that the confidentiality of an e-mail usually corresponds to that of a postcard.
Optionally, confidentiality can be achieved by e-mail encryption. The GWDG provides services for this purpose. However, e-mail encryption presupposes above all an appropriate infrastructure for the recipient. The communication partner must therefore also become active.
In the case of e-mails, there is initially no guaranty about the identity of a sender. Faking a sender’s name is just as easy for e-mails as for letters and postcards, where any sender can be written on the envelope or card.
There are also optional components related to encryption technology for the verifiability of senders. The authenticity of a sender can be proven with so-called cryptographic signatures, i.e. it can be checked whether an email has actually been sent by the owner of a particular e-mail account.
In addition to the technical aspects of e-mail security, it should also be examined whether the disclosure of information to certain recipients is permitted at all: Here it has to be checked whether confidential content or personal data should or may be transmitted to the recipient at all and whether, insofar as this is affirmed, the disclosure of information via the only limitedly trusted medium e-mail is a suitable way of communication.