Apart from hacking or data breaches, email accounts in general are quite the opposite of private. This is because the email is not a direct communication, but rather goes via several intermediate steps. A single email message will get passed via multiple servers, including the ISPs involved for sender and recipient as well. Also the email client’s servers and other servers have multiple copies of the message stored at each server, and further copies on both the sender and recipient’s computer.
Simply avoid emailing things like PAN numbers, Aadhar card number, passwords, credit card numbers, and other sensitive, private confidential information. This way you will be more protected and at less risk. Also it is common knowledge that any email that asks you to reply in email with information that includes your password is almost certainly a phishing attempt. Sending that kind of information via email is simply a bad idea. Additional caution - be sure to always confirm that a reply is going to a genuine email address, and not to a spam variant.
Also make sure to correctly choose between ‘Reply’ and ‘Reply to all’ when responding to a group email.
The one place where the average person may well be at much more risk than they realize – is in open WiFi hotspots. It is fairly easy for anyone there to “listen in” on the data flowing to and from your machine. There, you need to be encrypted one way or another. All of this makes Identity theft in India possible. We should always be careful.