In recent years and months, privacy and security have become of paramount importance when selecting and utilizing various online platforms. TikTok is something of an anomaly in this regard, but we digress. Google has announced client-side encryption for Gmail, which is available for beta testing for Google Enterprise and Education customers. This change reflects the public’s pursuit of privacy.
Friday, the Mountain View, California-based company announced that access to client-side encryption for Gmail would be expanded. This indicates that the contents of the email and any attachments are “unreadable by Google servers.” Therefore, Gmail users will effectively have complete control over their data and content, so long as they maintain control over their encryption keys and the service used to access them.
Google Workspace Enterprise Plus, Education Plus, and Education Standard users can sign up for the client-side encryption feature by applying to the beta before January 20, 2023. Google already encrypts data in transit and at rest between Google facilities and Google facilities, respectively.
Law enforcement agencies will likely oppose this new feature, similar to the FBI’s position on iCloud backups. However, Google’s actions are not particularly novel, as email providers such as ProtonMail have always offered client-side encryption if desired. Therefore, it is unlikely that any opposition will be effective, and the additions will only benefit consumers.
At the end of the day, we are ecstatic to see encryption improve personal privacy and security. Defense in depth is a common cybersecurity strategy used to protect data, personal information, and assets, which can be extended to include any email-related data. Google’s addition of client-side encryption strengthens the control consumers have over their data and its security by adding another layer to this strategy.