According to an article recently published in PC magazine, Yahoo and Google have teamed up to boost email encryption services for all users. This fall the two giants plan to release source code to the open source community to refine the experience and eliminate bugs and fully roll out end-to-end email encryption capabilities in 2015. What is driving this broad-scale push for secure email?
It’s the widespread and justifiable privacy concerns running rampant within the general public. This is why Yahoo and Google are developing a secure email system that would make it nearly impossible for hackers or government officials to peruse the messages exchanged between private citizens.
Beyond protecting email users from hackers and government surveillance, secure email capabilities will also preclude Yahoo and Google from delving into user correspondence on their networks. Why is this important?
Because if Yahoo and Google can access user correspondence, they can be legally mandated to turn over the contents by court order. However, if they never have purview in the first place, they can’t turn over what they don’t have.
The most secure email solutions preserve email privacy for not only the sender and the recipient but also the service provider. However, email security provisions are only as effective as they are practical. The reason that email encryption tools have yet to establish a solid foothold within the general population is two-fold. First, tools that require that senders and recipients install the same encryption software to correspond securely are simply too complicated for everyday email users. And second, up until the recent revelations around government monitoring of private correspondence, personal email security has not been top-of-mind within the general population.
The importance of email privacy assumes a whole new magnitude when the public thinks that the government is spying on private citizens. Apprehension around widespread surveillance has created a groundswell demand for privacy protections, and Yahoo and Google are moving quickly and decisively to address user concerns.
The question that remains is no longer if and when email encryption will happen – it’s how it will be designed and rolled out. To better understand the nuances around email security, it’s important to distinguish between the body of the email and attached files. When a hacker or surveillance team infiltrates an email stream, there’s a treasure trove of personal information to be found, and not just within the content of the bodies of the emails.
The attachments that people send and receive can be the most risky component of the email exchange because they often contain personally identifiable and confidential information, and email users often don’t understand the risks. There are documents like loan applications, transcripts, investment statements and more that contain account numbers, social security numbers, home addresses and more. And then there are the documents that are seemingly innocuous – things like electronic receipts, hotel confirmations, and airline itineraries.
Email users send and receive these sensitive documents without giving it a second thought because the risk of breach on an individual level seems exceedingly low. However, if a sensitive document ends up in the wrong hands, the fall-out can be devastating.
More secure email is critically important for both users and providers – and it’s undeniably riding the wave of the future.