- This tiny Bluetooth speaker delivers loud, distortion-free sound - and it's on sale
- 2025 Cyber Security Predictions: Navigating the Ever-Evolving Threat Landscape
- Not Just Another List of Top 10 Metrics You Should Measure
- My new favorite headphones for swimming come bundled in a unique charging accessory
- Why I recommend this Windows laptop to creatives and professionals - even if it's meant for gamers
Google to Switch on E2EE for All Gmail Users
Google today announced a major new initiative set to boost corporate security, compliance and data sovereignty efforts, by making end-to-end encryption (E2EE) available to all users.
Announced on the anniversary of the launch of Gmail, the plan is to roll out E2EE in beta – first to users within the same organization, then all Gmail users, and finally users of any email service.
The tech giant explained that it has worked hard behind the scenes to overcome the technical complexity traditionally associated with encrypting email data at rest and in transit.
“The Secure/Multipurpose Internet Mail Extensions (S/MIME) is a protocol that enables sending digitally signed and encrypted messages. It is typically used for highly sensitive emails among regulated organizations, such as government agencies and businesses that work with them,” Google said.
“While more organizations have real needs for E2EE emails, few have the resources to implement S/MIME. IT teams need to acquire and manage certificates and deploy them to each user, resulting in additional efforts and costs. And end users have to figure out whether they and the recipient have S/MIME configured (few do) and then go through the hassle of exchanging certificates before the encrypted emails can be exchanged.”
Read more on E2EE: Experts Dismayed at UK’s Apple Decryption Demands
Alternatives to S/MIME might require sharing of encryption keys with email providers, undermining data privacy and increasing sovereignty risks, Google added. Proprietary point solutions might introduce extra complexity, requiring custom apps, portals or browser extensions.
Google claimed its E2EE service can be enabled in “just a few clicks” without the need to exchange custom certificates or use specialized software. Because encryption keys are controlled by the customer and not the provider, it is extra secure.
While the experience is seamless for recipients who are Gmail users, those who aren’t will receive an invitation to view an E2EE email in a restricted version of Gmail. The recipient will then need to use a guest Google Workspace account to securely view and reply to the email.
It remains to be seen what governments and law enforcers think about the offering. The likes of Apple and Meta have been often criticized by authorities for failing to provide backdoor access to content during criminal investigations.
Last month, Apple shocked the world when it chose to remove E2EE for UK iCloud customers, rather than accede to demands from the British government to let it access encrypted customer content.
Image credit: JarTee / Shutterstock.com
