Skip to Content

A Simple Plan to Impede the NSA Is Taking Hold

More e-mail providers are using encryption, meaning messages can’t be intercepted and read by the NSA or hackers.

A year after revelations first emerged from former National Security Agency contractor Edward Snowden about mass Internet surveillance, more e-mail providers are adopting encryption, a simple change that could make it harder for spy agencies to vacuum up huge numbers of communications in transit.

In an analysis released this week, Google said 65 percent of the messages sent by Gmail users are encrypted when delivered, meaning the recipient’s provider also supports the encryption needed to establish a secure connection for transmission of the message. (Establishing a secure communication channel requires both e-mail providers to exchange encryption keys beforehand. Even if an e-mail provider tries to encrypt messages by default, messages will be sent in the clear to providers that do not support encryption.) Gmail has more than 425 million accounts worldwide and was an early adopter of e-mail encryption.

Only 50 percent of incoming messages are encrypted, Google says, but that’s up from 27 percent on December 11, 2013. And the numbers could get even better as more providers offer encryption by default to their customers. Charlie Davis, a Comcast spokesman, says the Internet service provider is working on it and plans to “gradually ramp up encryption with Gmail in the coming weeks.”

There are still significant gaps: less than 1 percent of traffic to and from Gmail from Comcast and Verizon is currently encrypted, and fewer than half of e-mails from Hotmail accounts to Gmail are encrypted.

What’s more, messages are protected only in transit—there’s nothing to stop the NSA from reading them if it gains access to an e-mail provider’s servers. Even here, though, the tide may be turning: on Tuesday Google released draft source code of a tool, called End-to-End, that would secure a message from the moment it leaves one browser to the moment it arrives at another—meaning even e-mail providers couldn’t read them as they travel between two people, because they wouldn’t have the keys needed to decrypt those messages.

Stephen Farrell, a computer scientist at Trinity College in Dublin and a member of the Internet Engineering Task Force, the group of engineers who maintain and upgrade the Internet’s protocols, says the Google data shows progress. “More e-mail is being encrypted between mail servers,” he says. “One would hope that’s a general, and good, trend.”

Embarrassed by Snowden’s revelations, many Silicon Valley giants are advertising increased use of encryption. Last month, Facebook reported that about 58 percent of the notification e-mails it sent out were encrypted from its systems to recipients’ e-mail providers.

Keep Reading

Most Popular

light and shadow on floor
light and shadow on floor

How Facebook and Google fund global misinformation

The tech giants are paying millions of dollars to the operators of clickbait pages, bankrolling the deterioration of information ecosystems around the world.

street in Kabul at night
street in Kabul at night

Can Afghanistan’s underground “sneakernet” survive the Taliban?

A once-thriving network of merchants selling digital content to people without internet connections is struggling under Taliban rule.

illustration of Psyche spacecraft
illustration of Psyche spacecraft

NASA wants to use the sun to power future deep space missions

Solar energy can make space travel more fuel-efficient. 

storm front
storm front

DeepMind’s AI predicts almost exactly when and where it’s going to rain

The firm worked with UK weather forecasters to create a model that was better at making short term predictions than existing systems.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.