I mean, for normal people that is exactly how it’s being used. Your receipts for everything are automatically emailed with all kinds of private info for example. Nobody, and I mean nobody, is expecting those receipts to be public. And since all that is in your email you reasonably expect your other email to be private as well.
Email is auth now. People do not use email the way you are describing.
One of the biggest issues with the way the modern internet works is that it technically works the way GP describes but people believe it works the way you describe.
Even assuming all encryption is configured correctly at the endpoints so we can discount the risk of mid-transit interception and comprehension (do I assume CVS has encryption set up correctly on their outbound receipt emails? I do not...) People think it's like the postal network but it's more like the mail lands at the post office and they hand you a copy of it, while they retain the originals.
Email is auth now. People do not use email the way you are describing.