Google introduces end-to-end encryption for Gmail — finally! What this means for you
Google has rolled out a beta version of the Client-side encryption (CSE) for Gmail on Friday. CSE is meant for organisational use and this latest offering is only useful to those organisations that can generate their own decryption keys (read: IT companies).
Updated Dec 19, 2022 | 05:49 PM IST
Google has rolled out a beta version of the Client-side encryption (CSE) for Gmail on Friday
Photo : iStock
Tech giants vie with each other to provide us with the safest user experience in terms of our data. After Meta
offered us end-to-end encryption on WhatsApp back in 2016, Google
has finally enabled what it calls "end-to-end encryption" for Gmail
on the web. However, what it is offering is client-side encryption ( CSE
In this day and age of hacking and leaking becoming the increasingly common, end-to-end encryption is something we take for granted. And that not being a part of Gmail — an email service that dominates our tech lives — has been a source of major concern, if you were aware of it. The problem is that most of us weren’t.
What is Google offering?
Google has rolled out a beta version of the Client-side encryption (CSE) for Gmail
on Friday (December 16, 2022). It is currently accessible to customers on Google Workspace Enterprise Plus
, Education Plus and Education Standard. However, it has left out users on lower-placed Workspace tiers, personal Google accounts, and those on older G Suite Basic and Business plans.
According to a report on Android
Police — the tech news and review portal for Android platforms —the end-to-end encryption feature can be enabled by navigating to client-side encryption from the admin console of security settings under access and data control. As per a statement by Google, some features like multi-send mode, signatures, Smart Compose, translation, summaries, and ‘Confidential’ mode will not be available with CSE emails.
What is client-side encryption?
CSE is meant for organisational use and will be available to the users of Google Workspace Enterprise Plus, Education Plus, and Education Standard. Employees on the organisational Gmail system can send and receive emails across various other email carriers with safe encryption.
By encryption, the meaning here is that the service provider (like Google servers) cannot read the emails. Note that it is NOT completely encrypted as the company administrators can encrypt and decrypt data on Google services as they will have the decryption key. The company (your office’s IT cell) will be able to see all the interactions between everyone hosted on its system (you and your colleagues who are using Google Workspace Enterprise Plus).
What it does provide is the protection from any hacking attempt during the start or the end or during the transit of the email. And that’s that. “Using client-side encryption in Gmail ensures sensitive data in the email body and attachments are indecipherable to Google servers. Customers retain control over encryption keys and the identity service to access those keys,” Google has said in a statement.
So in its current form, CSE is only useful to those organisations that can generate their own decryption keys (read: IT companies).
What’s the difference between CSE and “end-to-end encryption”?
The end-to-end encryption (as the one offered by WhatsApp) is offered at an individual level. As in, only the sender and the receiver can decrypt the message and no one else.
What this means for you?
As of now — nothing. The service has not yet been rolled out for personal accounts. The beta version for CSE accounts will be available until January 20, 2023, but will extend to Gmail for Android and iOS later. It will take certainly longer than 2022 for all your emails to be encrypted like your WhatsApp chate. But we hope we are able to get it by this time in 2023.