When you mail a letter to your friend, you hope she’ll be the only person who reads it. But a lot could happen to that letter on its way from you to her, and prying eyes might try to take a look. That’s why we send important messages in sealed envelopes, rather than on postcards… Email works in a similar way. Emails that are encrypted as they’re routed from sender to receiver are like sealed envelopes, and less vulnerable to snooping—whether by bad actors or through government surveillance—than postcards.
Google notes that Gmail has always used encryption in transit using Transport Layer Security (TLS), but that doesn’t do much if the email client on the other end isn’t doing the same. Around 40 to 50 percent of emails between Gmail and others aren’t encrypted, according to Google, and it provided the following chart of what services are using encryption:
Users can also filter the results pictured above by country, which show “the percentage of email encrypted for the top domains in terms of volume of email to and from Gmail, in alphabetical order.” The data is available to download and search is available to get a percentage for a specific URL exchanging email with Gmail.
To go along with the announcement, Google is launching a new tool in alpha called End-To-End that comes in the form of a Chrome extension and allows users to encrypt data leaving the browser:
While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use. To help make this kind of encryption a bit easier, we’re releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption tools.
Google hopes to make the extension available to all eventually, but for now is making the code available to the developer community for testing.