In the last months I have very often been in a position where I needed to send an email attachment with sensitive content to someone whom I didn’t know well personally (well enough that I could talk to them about how to set up encryption), but about whom I knew that they had little IT background and barely knew how to operate a mail client. I’m not an expert myself, but I do know there is such a thing called PGP, and with some time and pain I can get it to work.
(Imagine the receiver to be a non-tech person from a big company who has little to no time to deal with encryption, and me being a non-IT engineer who is technically minded but does not have deeper IT/infosec knowledge and wants to protect his privacy as much as possible.)
Because it is not clear to me that the email I send will be sent via TLS between servers (and it is also not clear to me why I should trust those intermediate servers), it seems a very bad idea to send a PDF with sensitive content as a standard mail attachment.
Out of desperation I have resorted to uploading the PDF to a file sharing platform (which we shall assume to be trusted, so that my data is safe there). Then I send the download link to that file via (unencrypted) mail. The link has an expiration date and is password-protected, and I’m sending the password along with the link; this may seem stupid at first glance, but please read along.
In this way the receiver of the email can still easily access the file without further IT knowledge on his side, and my privacy is slightly enhanced. I know that if someone were after me and intercepting my mail, it would still be very easy for him to get his hands on my PDF, if he is fast enough to download it before the link expires (which is usually a few days). But my threat model is not about protecting against that type of attack, but rather about protecting myself against automatic data collection and hoarding (think, e.g., government authorities snooping on subway cables).
I would assume that, since getting the PDF involves some human action, such as filling in a password, even if my data is collected it will take too long until a human looks at it, and by that time the link will have expired.
My question is:
Is this a good solution for my very moderate threat model described above? My file sharing platform doesn’t use Captchas when one enters a password to download a file. I assume that, if it did, I would be 100% secure against such automated data collection, since even if such software also automatically extracted the password from the mail (which I doubt would happen, because if you hoard millions of mails that have passwords in them, you would need a very large amount of computational power to run automated NLP algorithms on them to get the correct string that is the password, perhaps more than is available), it could not get past a Captcha?
Do you know any other way to securely send the email attachment (including any improvements to my solution above), so that the receiver can still download it with minimal IT knowledge and time investment?
(Note that there was another question here regarding the sending of links in mails, but my use case is different and more specific.)
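As an added illustration of the "link and password in the same mail" assumption discussed in the question (this is example code added here, not code from the original post or from any answer), the script below runs two fixed regular expressions over three constructed e-mails and pulls out the download link and the password wherever both appear in the same message. No natural-language processing is involved: the password is found by looking for a short keyword ("password", "pw", "pin", ...) and taking the token that follows it. The addresses, hosts, paths and passwords in the sample messages are invented for the example.

```python
import re
from email import message_from_string

# Constructed sample messages (not from the original post); the addresses,
# hosts, paths and passwords are invented for this example.
SAMPLE_MAILS = [
    # 1: link and password in the same message, as in the question
    """From: alice@example.com
To: bob@example.com
Subject: Contract draft

Hi Bob,

the document is here: https://share.example.com/d/Qz8f2kL1 (the link expires in 3 days).
Password: Gr33nRiver!

Best, Alice
""",
    # 2: a link but no password -> nothing a collector could act on
    """From: carol@example.com
To: dave@example.com
Subject: Lunch

Lunch on Friday? The menu is at https://www.example.org/menu.
""",
    # 3: different wording and quoting of the password
    """From: erin@example.com
To: frank@example.com
Subject: Scan

Download: https://files.example.net/get/7Hs2 , pw 'tulip-42' , valid until Monday.
""",
]

# Any http(s) URL up to the next whitespace or angle bracket / quote.
URL_RE = re.compile(r"https?://[^\s<>\"']+")

# A keyword, an optional "is" / ":" / "=", an optional quote, then the token.
# Matches "Password: x", "password is x", "pw 'x'", "pass=x", "PIN x", "code: x".
PASSWORD_RE = re.compile(
    r"\b(?:password|passwd|pass|pw|pin|code)\b\s*(?:is|:|=)?\s*[\"']?([^\s\"'<>]{4,})",
    re.IGNORECASE,
)


def message_body(raw_message):
    """Return the concatenated text/plain body of an RFC 822 message string."""
    msg = message_from_string(raw_message)
    parts = []
    for part in msg.walk():  # a non-multipart message yields itself once
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            parts.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(parts)


def extract_credentials(raw_message):
    """Return (url, password) found in the body; None for whichever is missing."""
    body = message_body(raw_message)
    # Strip sentence punctuation that the greedy URL pattern may have swallowed.
    urls = [u.rstrip(".,;:)") for u in URL_RE.findall(body)]
    m = PASSWORD_RE.search(body)
    # Heuristic: a trailing "." or "," is far more often punctuation than part of the password.
    password = m.group(1).rstrip(".,;") if m else None
    return (urls[0] if urls else None, password)


def harvest(raw_messages):
    """Keep only messages that carry both a link and a password, i.e. the ones
    a bulk collector could fetch automatically with no human in the loop."""
    found = []
    for raw in raw_messages:
        url, password = extract_credentials(raw)
        if url and password:
            found.append({"url": url, "password": password})
    return found


if __name__ == "__main__":
    for hit in harvest(SAMPLE_MAILS):
        print(hit)
```

The regexes are deliberately crude and will miss unusual phrasings, but that is the point: keyword-adjacent string extraction costs microseconds per message and scales to arbitrarily large mail volumes, so whether a collector can pair the link with the password is a question of whether it bothers to, not of computing power.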