Gmail finally receives end-to-end encryption but it isn’t free

  • Google is finally bringing end-to-end encryption to its Gmail service.
  • The body of the email will be encrypted as well as any media attached to the email.
  • However, not all users will get the feature as only premium Workspace customers can apply for the beta.

In 2021, around 36.5 percent of all email open accounts globally were on Gmail, making it the world’s most popular email service. Despite its immense user base, the service remained unencrypted at least on the client-side since its inception in 2017.

That is set to change with Google announcing on Friday that end-to-end client-side encryption for Gmail is officially in beta for Workspace users and education customers.

Workspace is the company’s paid business tools solution similar to Microsoft’s 365 platform.

Now, Google Workspace Enterprise Plus, Education Plus, and Education Standard customers can apply to sign up for the Gmail encryption beta until 20th January 2023.

“We’re expanding customer access to client-side encryption in Gmail on the web,” Google wrote in an official blog post.

“Using client-side encryption in Gmail ensures sensitive data in the email body and attachments are indecipherable to Google servers. Customers retain control over encryption keys and the identity service to access those keys.”

Gmail is the latest company platform to receive some form of encryption. Google Drive, Google Docs, Sheets, Slides, Google Meet and Google Calendar are all already encrypted end-to-end.

Google says bringing client-side encryption to Gmail will help strengthen the confidentiality of user data while addressing a “broad range of data sovereignty and compliance needs.”

After preparing their account, eligible Workspace admins can apply for the beta programme.

The encryption covers the email body and any attachments, including inline images. However, the header of the email, subject, timestamps and recipient lists aren’t encrypted.

There are several steps customers have to go through to prepare their account for the beta, and it can get quite technical for server admins to add the encryption across all accounts.

Admins will have to create a new GCP project with the Gmail API enabled in the Google Cloud Console. The full list of steps can be found here.

But end users can also enable client-side encryption to any email they are looking to send, simply by clicking the lock icon on the top right.

After the lock icon is highlighted, you can simply compose your email as normal and attach any images you want. The message will be encrypted when you send it.

Google says that it will be accepting beta applications and allow-listing customers over the next several weeks. However, users with personal Google Accounts are still not able to use this service as of yet.

Nor will it be available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, and Nonprofits, as well as legacy G Suite Basic and Business customers.

Basically, unless you’re paying for premium Workspace services, you will not be able to get access to end-to-end encryption on Gmail. Which remains one of the most requested features for the service’s users.

The vast majority of Gmail users will have to simply wait for a wider rollout of encryption, but as it looks like Google is monetising the service as a premium feature, it will either take a significant amount of time for this to happen, or a limited version will be made available for free.

Premium Workspace users can apply to take part in the beta here.

[Image – Stephen Phillips – on Unsplash]


About Author


Related News