Best practices for sending sensitive files to a third party—and why copy protection is stronger than encryption.

You have a document, video, or audio file with sensitive information and need to send it to someone else. What’s the safest option?

Three common choices come to mind: email, Dropbox, or a USB flash drive.

Sending an email is like sending a postcard. It’s open to interception, and anyone determined enough can read it. Most of the time nothing happens, but relying on luck with sensitive data is risky. Encryption improves email security, but file size limits (usually around 20MB) make it impractical for large videos or datasets. And once decrypted, the file is free to be copied or shared without restriction.

Dropbox solves the size problem by letting you upload large files and share a download link. However, Dropbox doesn’t encrypt files by default. You can password-protect a compressed archive, but the same weakness applies: once decrypted, the file is wide open to manipulation or unauthorized sharing.

That leads to a critical question: Do you trust the recipient?