Fully encrypted email has been available in at least some form for Gmail since the end of 2022, but now it's finally ready for mobile.Google is now offering end-to-end encryption (E2EE) for Gmail on Android devices and iPhones through the official email app.The move comes days after Google simplified encryption for Workspace users on the desktop, and follows a similar approach.
If both the sender and recipient are using the Gmail app, encrypted messages will appear like typical email threads.You only have to tap the lock icon and choose "additional encryption." Recipients who don't use the Gmail client will be sent to a secure web page to read and reply to those messages.As with the earlier rollout, end-to-end encryption access is currently limited to organizations using Google Workspace, particularly those using an Enterprise Plus plan with either the Assured Controls or Assured Controls Plus add-on.
Your administrator will have to enable client-side encryption on Android and iOS.Why does end-to-end encryption matter for Gmail? It's not just more secure, it's the law As Google is eager to explain, end-to-end encrypted email has historically been difficult.Companies have typically needed to implement Secure/Multipurpose Internet Mail Extensions (S/MIME) by issuing security certificates to every user, while the users have to enable and exchange those certificates before they can even begin sending emails.
They may also need to use separate apps and web portals.Related What Is End-to-End Encryption, and Why Does It Matter? The best way to keep your sensitive data safe from prying eyes.Posts Google's approach still isn't completely seamless, given that some recipients still have to rely on web browsers.
However, it streamlines the process for both you and your employer's IT manager.You don't have to obtain or even understand certificates — so long as both sides have the technology enabled, a quick toggle is all you need to get started.The move makes it more likely that you'll use end-to-end encryption, and thus lock down sensitive data (including attachments) the moment you send a message.
There should be less chance that criminals or government surveillance agents will intercept your conversations.Subscribe for practical Gmail E2EE guidance and insights Get the newsletter for concise, practical breakdowns of Gmail's end-to-end encryption, what it means for privacy and compliance, and clear steps Workspace admins and users need to enable and use E2EE securely.Get Updates By subscribing, you agree to receive newsletter and marketing emails, and accept our Terms of Use and Privacy Policy.
You can unsubscribe anytime.This isn't just about maintaining company security policies.In some cases, it might be required under the law.
Legislation like the European Union's General Data Protection Regulation (GDPR) has firm rules governing privacy and security when handling info.There may be legal consequences if your employer doesn't do enough to shield sensitive data.Some governments, including the EU, also have data sovereignty laws or initiatives that require storing at least some data within their borders.
End-to-end encryption reduces the chances that something you send through Gmail will land in another country.
Read More
