Takeaways from Google’s Transparency Report

Google has been in the news recently for having publicly released a Transparency Report that analyzes how many emails sent to/from Gmail accounts are protected with encryption. In Google’s terms, an unencrypted email is as “open to snoopers as a postcard in the mail,” meaning that anyone from an identity thief to the NSA can simply read unencrypted emails without difficulty as they pass across the Internet. This issue concerns anyone who sends private information via email, which today includes just about everyone.

As part of their Transparency Report, Google released a chart showing the percentage of emails that were encrypted when sent between Gmail.com and list of high-traffic email domains. Domains, in this sense, equate to companies that either send or receive emails to/from everyday Gmail users, from social media networks to ecommerce websites to personal email services. The chart can be found at the link below. While reading this chart, it is important to consider which domains send/receive emails that contain sensitive, private information and which domains mainly send newsletters containing public announcements. For example, some domains such as Groupon.com and ConstantContact.com encrypt very few of their emails sent to Gmail users, but these companies’ emails are generally newsletters sent in bulk to hundreds or thousands of people, for which privacy matters little.

On Google’s report, many high-traffic domains that send private information do, to their credit, encrypt the vast majority of their inbound and outbound emails: Amazon.com, Facebook.com, Linkedin.com, Twitter.com, AOL.com, MSN.com, and Yahoo.com.

The red flag that many readers may overlook is that two notable high-traffic email domains, Comcast.net and Roadrunner.com (Time Warner Cable’s ISP/email service), encrypt less than 1% of their emails sent to Gmail accounts.

According to Google, email encryption via Transport Layer Security, or TLS, can greatly deter snoopers and is as easy for companies to enable as flipping on a switch. Even so, Google announced that they will be stepping in and releasing a new plugin for their Chrome browser that will encrypt emails end-to-end. Google even plans to make this plugin’s encrypted emails so secure that not even Gmail itself can read the contents. At first glance, this may seem strange for Google, a company that relies on selling advertisements targeted towards users based on the contents of their emails. But perhaps Google sees the long-term value of fostering consumer trust and loyalty by getting ahead of the hot topic that is online privacy.

Google’s Transparency Report:
http://www.google.com/transparencyreport/saferemail/

Further reading:
http://www.usatoday.com/story/tech/2014/06/03/google-email-security-gmail-snowden/9920473/