Skip to content
Technology & Innovation

Have You Ever Tried to Encrypt Your E-mail? It’s Really Hard.

A layman's lament.

When it comes to privacy, I always suggest the simplest solutions: “Download this app” or “Use this service instead of that.” But when it comes to e-mail encryption, there’s no easy way to break it down.

Yes, protecting your privacy online has never been so easy. Applications for iOS and Android devices, such as Signal, and built-in encryption functions for instant messaging, such as Off-The-Record (OTR), are perfect solutions to protect the privacy of the not-so-tech-savvy. However, setting up e-mail proves to be one of the biggest barriers for users. It takes a lot of mental energy to figure out, set up, and use PGP (Pretty Good Privacy) encryption for e-mail. Even by the end of the process, the system may require troubleshooting.

To underscore this point, a group of researchers tried to measure how difficult it would be for a group of people to setup PGP. In this study, the researchers “brought in pairs of participants and had them attempt to use Mailvelope to communicate with each other. Our results shown that … modern PGP tools are still unusable for the masses.”

The test “demonstrated that when our test participants were given 90 minutes in which to sign and encrypt a message using PGP 5.0, the majority of them were unable to do so successfully.”

Event security expert Bruce Schneier says, “E-mail is fundamentally unsecurable.” Instead of trying to figure it out, he says, “I advise people who want communications security to not use e-mail, but instead use an encrypted message client like OTR or Signal.”

There are a lot of step-by-step pieces for securing your online life. One of my personal favorites is How to be Anonymous Online, a guide to Tor, Tails, and securing e-mail. But, as the researchers point out, “We do not believe that home users can be made to cooperate with extensive tutorials, but we are investigating gentler methods for providing users with the right guidance.”

The smaller and simpler, the more likely consumers will comply, the researchers write. I disagree.

The more designers integrate this encryption technology into users’ systems, the more consumers will comply. The people want privacy, and everyone should be able to access it. But the architects and designers have a responsibility to help make sure their products are designed with this option.

***

Natalie has been writing professionally for about 6 years. After graduating from Ithaca College with a degree in Feature Writing, she snagged a job at PCMag.com where she had the opportunity to review all the latest consumer gadgets. Since then she has become a writer for hire, freelancing for various websites. In her spare time, you may find her riding her motorcycle, reading YA novels, hiking, or playing video games. Follow her on Twitter: @nat_schumaker

Photo Credit: Shutterstock


Related

Up Next