Email is a surveillance trap that copies and scans every attachment. This guide gives you a two minute encrypted delivery stack: encrypt files locally with Picocrypt, 7-Zip, GPG, or age, deliver with Wormhole or OnionShare, and send the password separately over Signal or Session. Ditch plaintext delivery, protect NDAs, and ship assets like a pro.
You’re building your future and emailing it away. Every proposal. Every client file. Every pitch deck. You fire it off through Gmail like it’s still safe. But it’s not. Email is a surveillance trap.
The file isn’t just “sent.” It’s copied. Scanned. Logged. Parsed. Forever. By your email provider. Their provider. And every hop in between. If that sounds dramatic, read your Google account settings. It’s not paranoia. It’s the business model.
You wouldn’t hand a stranger your keys just to deliver a letter. So why are you handing over your unencrypted files?
Time to stop.
Why Creators Can’t Afford Plaintext Delivery
Sending sensitive files in the clear text such as contracts, drafts, brand assets, research makes you a liability. Client NDA? Might as well print it on a billboard.
Every file you attach:
- Can be scanned by Google, Microsoft, or any third-party AI pipeline
- Stays in someone’s inbox forever, indexable, leakable
- Could be intercepted or auto saved to cloud drives without consent
It’s about professionalism. If you can’t safeguard a PDF, why would a client trust you with strategy, trade secrets, or reputation?
The 2-Minute Encrypted Delivery Stack
You just need a new default. Here’s the stack:
1. Local Folder
Keep the file offline. Work on drafts locally. Save final versions to a designated “Delivery” folder.
2. Encrypt the File
Use one of these:
- Encrypted ZIP (with 7-Zip)
Strong password, AES-256. Easy to open on both ends. - Age or GPG
More technical, but solid. Scripts available for repeat jobs. - Picocrypt
Strong, tiny, and easy to use. My favorite.
3. Upload to a Secure Host
- Wormhole
Free, end-to-end encrypted. Files auto expire. No login. - OnionShare
Tor based options for advanced users, still super easy to use.
4. Send the Link Separately
Never send password and link in the same message. Split them:
- Link via email
- Password via Signal, Session, or SimpleX
5. Clean Up
Delete the local encrypted file after confirming delivery. Remove metadata if needed. You now have a basic, client safe delivery pipeline. No cloud accounts. No corporate surveillance. No “Oops, I sent the wrong draft and now it’s permanent.”
How to Explain It to Clients (Without Sounding Paranoid)
You don’t have to rant about surveillance capitalism.
Just say:
“For confidentiality, I use encrypted delivery tools instead of email attachments. You’ll receive a secure link and a separate password to access the file.”
Professional. Clean. Trust-building. If they ask “Why?”, send them this article.
Hint: I have a email template in the SECURE CHANNEL materials if needed.
What Happens If You Don’t Change?
Here’s what you risk:
- A client leak traced back to you
- A flagged email from Google with your file blocked or quarantined
- Your work training AI models without permission
- Your inbox being breached including attachments
No one plans for these, until they happen.
Encrypt your files. Control the delivery. Claw it back.
Don’t stop here. For a complete system that covers passwords, phones, data, and network lockdown, read the: The Complete Guide to Locking Down Your Digital Life
-GHOST
Written by GHOST, creator of the Untraceable Digital Dissident project.
This is part of the Untraceable Digital Dissident series — tactical privacy for creators and rebels.
Explore more privacy tactics at untraceabledigitaldissident.com.