A year after revelations first emerged from former National Security Agency contractor Edward Snowden about mass Internet surveillance, more e-mail providers are adopting encryption, a simple change that could make it harder for spy agencies to vacuum up huge numbers of communications in transit.
In an analysis released this week, Google said 65 percent of the messages sent by Gmail users are encrypted when delivered, meaning the recipient’s provider also supports the encryption needed to establish a secure connection for transmission of the message. (Establishing a secure communication channel requires both e-mail providers to exchange encryption keys beforehand. Even if an e-mail provider tries to encrypt messages by default, messages will be sent in the clear to providers that do not support encryption.) Gmail has more than 425 million accounts worldwide and was an early adopter of e-mail encryption.
Only 50 percent of incoming messages are encrypted, Google says, but that’s up from 27 percent on December 11, 2013. And the numbers could get even better as more providers offer encryption by default to their customers. Charlie Davis, a Comcast spokesman, says the Internet service provider is working on it and plans to “gradually ramp up encryption with Gmail in the coming weeks.”
There are still significant gaps: less than 1 percent of traffic to and from Gmail from Comcast and Verizon is currently encrypted, and fewer than half of e-mails from Hotmail accounts to Gmail are encrypted.
What’s more, messages are protected only in transit—there’s nothing to stop the NSA from reading them if it gains access to an e-mail provider’s servers. Even here, though, the tide may be turning: on Tuesday Google released draft source code of a tool, called End-to-End, that would secure a message from the moment it leaves one browser to the moment it arrives at another—meaning even e-mail providers couldn’t read them as they travel between two people, because they wouldn’t have the keys needed to decrypt those messages.
Stephen Farrell, a computer scientist at Trinity College in Dublin and a member of the Internet Engineering Task Force, the group of engineers who maintain and upgrade the Internet’s protocols, says the Google data shows progress. “More e-mail is being encrypted between mail servers,” he says. “One would hope that’s a general, and good, trend.”
Embarrassed by Snowden’s revelations, many Silicon Valley giants are advertising increased use of encryption. Last month, Facebook reported that about 58 percent of the notification e-mails it sent out were encrypted from its systems to recipients’ e-mail providers.
A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?
Robot vacuum companies say your images are safe, but a sprawling global supply chain for data from our devices creates risk.
A startup says it’s begun releasing particles into the atmosphere, in an effort to tweak the climate
Make Sunsets is already attempting to earn revenue for geoengineering, a move likely to provoke widespread criticism.
10 Breakthrough Technologies 2023
These exclusive satellite images show that Saudi Arabia’s sci-fi megacity is well underway
Weirdly, any recent work on The Line doesn’t show up on Google Maps. But we got the images anyway.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.