Anybody can read my email, it's cleartext after all. ISP, registar, etc. I pay for my email as part of my yearly domain fee: 2 domains (personal and self employed work), 2 registars. I download them over POP3, store them locally in Thunderbird, backup them locally (encrypted disk) and remotely (duplicity, can't even remember, too early in the morning.) This protects me against some attacks, not against everything. The only online services I really care about are banks. Everything else is disposable. I call my customers, give them a new Google and AWS account, that's it. Or ask them to create an account for me until I sort out the problem. Protecting against state level actors is a different thing. No plans for that. After all they can knock my door and deal with me in person.