This post is not really about questions I have. I just feel like I need to write this somewhere to express my concern.
First of all, online stores have become a huge part of our society and I admit I heavily rely on that. That alone could be a privacy issue but I’d ignore that for the sake of not missing the point of this post.
The problem is rather in the way these online stores send out their receipts. You might already know that emails are by default not client-side encrypted. That means your email server admin (Google if you use Gmail, Apple if you use iCloud Mail, and Proton if you use Protonmail. Yes, Proton claims it stays encrypted as soon as the emails arrive at their server, but who can really vouch for this? It’s behind the curtain anyway.) has access to your receipts, including those of the past.
Now email has been around for a really long time. And the client-side encryption part has been worked on in a lot of forms such as S/MIME. But none of the online services really implement it even though they contain critically personally identifiable info such as items I bought along with my name & address.
And the thing is even though these online sellers acknowledge this privacy risk, they don’t have options to not email us receipts. For example, Amazon has a dedicated page on their site where I can see the list of everything I bought. That’s literally enough for me. They can stop sending me the receipts in the worst possible way! At least they could provide us with a better way (even WhatsApp will do) yet they don’t. This is a severe privacy issue.
I can’t help feeling, with all the sophisticated technology we have at hand, that we deserve better.


Get a domain name, host Stalwart somewhere and set up email with this new domain there, get receipt emails there and autoforward them to your main email with S/MIME, GPG or whatever enabled.
Usual disclaimer ‘do not host your email blablabla’ (at least don’t get fucking DigitalOcean ‘droplet’ for it), but there’s no other way around that, ecommerce won’t enable shit.
I think this is one viable solution for me (not for other normal people).
But again, with my own domain, I’m basically announcing my presence all over the services I sign up to because I’m no longer a part of the mass of Gmail, iCloud etc. users. I fear this will expose me even worse in case of personal info breaches. And buying multiple domains is not cheap.
With mass services requiring mandatory phone number binding I think being in the user mass is a viable option - you cannot get a reliable “secondary” email anymore and people don’t look through data leak dumps by eye anyway, a script doesn’t care about the email address string - it all becomes a hash anyway. WHOIS protection is pretty reliable to divert snooping third parties.
As for expensive… yeah, the sad state of affairs is that there’s nothing cheap about hosting your own infrastructure. Price of not really trusting anyone or having obscure technical requirements.