Having to physically wire tap the phone line is a lot more difficult and requires local bad actors. Email’s exposure to the internet makes it easier to hack. Yes, email can be encrypted, but if your server is compromised, that doesn’t matter. End to end encryption for email is much harder, and isn’t really used by any institutions (and usually can’t be because of data retention regulations), so the server has complete access to the unencrypted email in almost all cases. Compromising a fax machine that isn’t connected to the internet is a lot harder.
Not all faxes go through VoIP. Your everyday home fax machine probably uses VoIP, because having a landline installed in your home is stupid expensive and unnecessary, but faxes in institutions probably use the PSTN. These institutions most likely need landlines anyway, so having a dedicated fax line makes a lot more sense.
And if a fax goes through VoIP, it’ll be encrypted the same way email is. So in that case, it’s the same level of security as email, which is to say, easier to compromise. At least you can’t trick someone into clicking a link in a fax though.
Having to physically wire tap the phone line is a lot more difficult and requires local bad actors. Email’s exposure to the internet makes it easier to hack. Yes, email can be encrypted, but if your server is compromised, that doesn’t matter. End to end encryption for email is much harder, and isn’t really used by any institutions (and usually can’t be because of data retention regulations), so the server has complete access to the unencrypted email in almost all cases. Compromising a fax machine that isn’t connected to the internet is a lot harder.
Not all faxes go through VoIP. Your everyday home fax machine probably uses VoIP, because having a landline installed in your home is stupid expensive and unnecessary, but faxes in institutions probably use the PSTN. These institutions most likely need landlines anyway, so having a dedicated fax line makes a lot more sense.
And if a fax goes through VoIP, it’ll be encrypted the same way email is. So in that case, it’s the same level of security as email, which is to say, easier to compromise. At least you can’t trick someone into clicking a link in a fax though.