Encryption-Deprived Email Services Criticized By Search Giant Google

Peter Suciu for redOrbit.com Your Universe Online

Google Inc. called out rival email providers for not providing enough encryption. Apparently those rivals took notice and have started to address the issue. The tech giants new Gmail data highlighted the rise of backbone email encryption, something that privacy advocates have said was a long-time coming.

On Tuesday Google issued a transparency report, which denoted that email should be protected as it travels across the Internet yet in most cases protected it is not. It called out the fact that while most of us prefer that only the recipient reads the email prying eyes could see it as well. This could be through so-called bad actors or through government surveillance but one thing was clear email is anything but truly private or personal.

Encrypting the emails could make a difference according to the search giant. Google compared encryption to sealed envelopes, while unencrypted emails were little more than postcards.

Gmail has always supported encryption in transit by using Transport Layer Security (TLS), and will automatically encrypt your incoming and outgoing emails if it can, Brandon Long, tech lead for the Gmail Delivery Team at Google, wrote on the companys official blog this week. The important thing is that both sides of an email exchange need to support encryption for it to work; Gmail cant do it alone.

Our data show that approximately 40 to 50 percent of emails sent between Gmail and other email providers arent encrypted, Long added. Many providers have turned on encryption, and others have said theyre going to, which is great news. As they do, more and more emails will be shielded from snooping.

Googles Gmail service offers encryption from the browser by using the HTTPS, something privacy advocates have called upon for some time.

For the past few years, EFF has been working on promoting the universal use of encryption for Internet protocols. We started by pushing major sites to switch from HTTP to HTTPS, and gave individual users ways to pull things along, Peter Eckersley of the Electronic Frontier Foundation wrote on the groups Deeplinks blog on Tuesday. Last November, we launched our Encrypt the Web Scorecard, which in addition to Web encryption, added a second focus on securing SMTP email transmissions between mailservers.

Eckersley added that the EFF believed this to be a vital protection against non-targeted dragnet surveillance by the US and other governments.

In the months following the scorecard ratings, calling for support for STARTTLS email encryption, the EFF said a number of major sites including Yahoo, Twitter, LinkedIn and Facebook all deployed this form of backbone email encryption.

Originally posted here:
Encryption-Deprived Email Services Criticized By Search Giant Google