Whether for personal, business, or both, if you use Gmail for electronic communication, it’s important to understand how the service works, how it fails to secure your data, and what steps you can take to get the privacy you need.
Ready to venture out?
Google’s Approach to Message Security
Let’s assume you ought to deliver a Gmail newsletter. Given the numerous programs available, finding the best solution for creating your newsletter is difficult. Due to providing several templates as well as offering a simple design editor, we recommend VerticalResponse as the finest option for creating your newsletter. You must now protect these messages. Here’s where we come to the very beginning of our story.
TLS, or Transport Layer Security, is Google’s standard Gmail encryption mechanism. All messages you send via Gmail will be encrypted if the person you're sending email to uses an email server that supports TLS, which most major email providers do. This means that it will be incredibly difficult for anyone to see the message while on the way from point A to point B. However, this doesn’t guarantee that the message will remain private or only available to the recipient when it reaches the destination mail server.
Google, for example, has access to messages associated with your account, allowing it to analyze your email for potential spam and identity theft attacks and advanced services like Smart Reply, which suggests responses based on email content. Google also analyzed ad targeting messages but stopped doing so in 2017. And if you prefer not to have these smart suggestion features, you can always turn them off in your account, although this won’t directly affect focus.
When and how does this additional level of protection called Gmail Encryption apply? If the person you’re communicating with uses an e-mail server that doesn’t support TLS, the messages won’t be encrypted at all. Administrators with paid Google Workspace accounts can choose to allow just TLS encryption for sending and receiving messages, but this has drawbacks, such as outgoing messages being returned or certain incoming messages never reaching your inbox.
Option That’s Regarded as Upper Edge
S/MIME (Secure Multipurpose Internet Mail Extensions), which Gmail supports, is a more robust encryption algorithm. They are available only for paid Google Workspace Suite accounts. However, for people with enterprise-level workspace settings, S/MIME allows email to be encrypted with company-specific keys so that the subscriber remains safeguarded throughout delivery and communications can only be decoded by the intended receiver.
S/MIME, like TLS, operates only if both the sender and the receiver use a service that supports it, and solely if both parties have shared keys ahead, allowing for effective encryption configuration. Like TLS, it does nothing to keep a message safe when it reaches its actual destination server (and so again, in Gmail, Google itself will be able to analyze messages in its usual automated way). Finally, the workspace administrator must enable S/MIME before launching.
Google has been talking about adding end-to-end encryption to Gmail since 2014, but so far there hasn’t been much done (and maybe never, according to some analysis). The only way to gain this level of security in Gmail is to trust a third-party service like FlowCrypt, which is available as a desktop plugin for Chrome or Firefox and an Android email client. The iOS app is also available as a pre-launch test.
FlowCrypt adds a special “Encrypt and Send” button to your inbox interface, allowing you to send encrypted messages using the PGP standard (Pretty Good Privacy – yes, it’s called that). Your recipient will need to have FlowCrypt or another PGP system installed and will also need their personal PGP key to decrypt and view your messages. You can also use an application or extension to encrypt the message with a password, which you’ll have to give to the recipient somehow.
So, yes – it’s not that simple, and implementing third-party plugins isn’t ideal, but it can do the job. And it’s free, up to a certain point – you’ll have to pay € 5 per month for a premium membership to unlock the entire set of functions and eliminate all restrictions from the service. Business plans are also available with prices that vary depending on the total number of users involved.
And What About the Confidential Way Gmail Works?
Well, don’t put too much stock in it. The “Confidential” mode is Google's added feature to Gmail as part of its 2018 redesign service. The concept is that you can prevent someone from copying, forwarding, retrieving, or printing whatever you send them and specify an expiration date after which your message would no longer be accessible. You can also create a password, sent by e-mail or SMS, which is needed to open the message.
All this looks pretty good on the surface, but the problem is that there really isn’t much use when it comes to real security. Messages are still not encrypted from end to end, which means that Google and other email services can still view and store them. Nor does the slogan “don’t upload, copy, print, and download” mean much, as anyone can always take a screenshot of the message if they wish. Google said this feature has less to do with that level of security and simply discourages people from accidentally sharing sensitive information where they shouldn’t.
The same goes for message expiration dates and the fact that an ‘expired’ message still exists in your own Gmail “Sent” folder. The “Confidential” mode, in general, has the potential to be effective for what it is, but it lacks encryption and high-level privacy. In fact, some experts have even said that this method could create a false sense of security and discourage users from finding more serious solutions.
So, What Are the Other Options?
It’s advisable to go outside of Gmail for a separate email program like ProtonMail if you want end-to-end source encryption and the highest level of privacy available. It’s one of the best privacy and security apps on Android, and with good reason: it prioritizes privacy in a way that no other form of Gmail encryption can match. To begin, ProtonMail employs an open-source end-to-end encryption technique that ensures that no one other than the intended receiver, including ProtonMail employees, can view your messages.
Furthermore, you aren’t required to enter any personal information to use the app. The company does not save any IP addresses or other information that could be used to link your identity to your account. Their servers are also located in Switzerland, not less secure than famous underground bunkers below the Swiss Alps, which have their own obvious security advantages.
The following is how it works: ProtonMail creates a personalized email address for you based on your domain when you sign up. You may then send secure messages using this address in the app that ProtonMail created for iOS, Android, or web interface. Encryption happens automatically whenever you send an email to someone with a ProtonMail address. If you’re emailing to someone who doesn’t utilize ProtonMail, you can send it unencrypted, just like any other email, or you can use the button to create a password and trace that the recipient will need to decode and read your message.
ProtonMail doesn’t charge anything at its most basic level, providing you with one ProtonMail account, 500MB of storage, and up to 150 messages per day. You can get more storage space, more messages per day, and access to advanced features such as mail filters, an autoresponder system, and support for custom domains, starting at € 48 per year. Of course, it’s not sophisticated Gmail encryption, but you can import your Gmail messages, configure Gmail to route them to ProtonMail, or simply use ProtonMail as a Gmail add-on when you require the most security. This is a great option when privacy is a priority and you don’t want to take risks.