Client side encryption (CSE), a means of protecting and controlling access to personal or corporate data, has arrived for Gmail.
In a blog post (opens in a new tab) Announcing the news, the tech giant notes that while Google Workspace already encrypts data using secure cryptographic libraries, CSE gives Workspace users and administrators “full control” over their cryptographic keys and access to data.
That is, it should mean that no one can read sent messages emails or calendar entries, but those of an organization and the recipients.
A Gmail encryption history
As The edge (opens in a new tab) points out that Google has been trying to bring CSE to Gmail since 2014 (opens in a new tab).
In these beautiful days, the day after Edward Snowden’s Revelation totally legal and constitutional surveillance programs (*fingers crossed*) by the US National Security Agency (NSA) meant that the data privacy protections were on the minds of the whole world.
The main encryption solution at the time was Pretty Good Privacy (PGP), an open source standard which at the time had stood for twenty years while being completely unintuitive for an end user, who would not, for example , able to reset a forgotten password, as even Google wouldn’t keep them on file.
Google made CSE available for other Workspace apps in October 2022, including its cloud storage solution Drive, Docs, Sheets, and Slides, and video conferencing software Meet.
The CSE finally arrives for Gmail, Google Calendar and all of the Workspace apps suggest that common ground has been found. Those working in privacy-dependent industries also seem optimistic about it.
“Client-side encryption gives us a higher level of privacy, to ensure the integrity of the journalistic process,” said Sacha Morard, chief technology officer of media conglomerate (and Google Workspace client) Groupe Le Monde.
“This allows us to guarantee a higher level of security for our journalists, and to protect our sensitive content.”
