Client-side encryption (CSE), a means of protecting and controlling access to personal or corporate data, has arrived for Gmail.
In a blog post announcing the news, the tech giant notes that, while Google Workspace already encrypts data using secure cryptographic libraries, CSE gives Workspace users and admins “total control” over their cryptographic keys and access to data.
Simply put, this should mean that no-one can read sent emails or calendar entries but those in an organization and the recipients.
A Gmail encryption history
As The Verge points out, Google has been trying to bring CSE to Gmail since 2014.
In those halcyon days, the aftermath of Edward Snowden’s disclosure of the US’ National Security Agency’s (NSA) totally legal and constitutional (*fingers crossed behind back*) surveillance programmes meant that data privacy protections were on the whole world’s mind.
The leading encryption solution back then was Pretty Good Privacy (PGP), an open-source standard that had, at the time, endured for twenty years while being wholly unintuitive to an end user, who wouldn’t, for instance, be able to reset a forgotten password, because even Google wouldn’t keep them on file.
Google made CSE available for other Workspace applications in October 2022, including its Drive cloud storage solution, Docs, Sheets and Slides, as well as its Meet video conferencing software.
CSE finally arriving for Gmail, Google Calendar, and the whole raft of Workspace apps suggests that a middle-ground has been found. Those who work in industries reliant on privacy seem optimistic about it too.
“Client-side encryption gives us the next level of privacy, to ensure integrity within the journalistic process,” said Sacha Morard, Chief Technology Officer of media conglomerate (and Google Workspace customer) Groupe Le Monde.
“This allows us to guarantee a higher level of security for our journalists, and to protect our sensitive content.”
- Here’s our list of the best endpoint protection services right now