Looking at End-to-end Encrypted Email Services

In this video, we’re taking a look at end-to-end encryption with email services. Now, typical email will send email to and from a computer. That’s generally how it’s designed. However, the problem is if someone’s able to get in the middle of that communication, they can intercept, receive, and even transmit a different email than what you’re intending. That’s where end-to-end encryption can come in handy. So the importance of end-to-end encryption is being able to encrypt your email in order to secure it, much like a VPN service will help encrypt your internet traffic. So if you have end-to-end encrypted traffic, your email is encrypted in transit.

So if someone in the middle receives it, they won’t be able to read it in theory, just like when it’s coming back to you, that email communication’s still encrypted. And the person intercepting it shouldn’t be able to read it, as long as it’s good encryption. So just to throw this out, workplace encryption, if you have an encrypted email service for work, chances are your workplace can still read your mail. Now this isn’t saying that your place of employment is spying on you. However, there are legal requirements for businesses to be able to retrieve and read certain emails in case of litigation. So chances are, that’s why they’re able to do that. So not all encryption’s the same.

So a lot of different email services have either some encryption or no encryption. So Gmail will encrypt their emails in transport, meaning that when the email’s being sent out, that email’s encrypted. Outlook has encryption, but it’s not enabled by default. Yahoo’s encrypted. ProtonMail has end-to-end encryption. And Hushmail has end-to-end encryption, for example.

So this is ProtonMail. So ProtonMail is one of my favourite email services. It’s free. There is a paid version. However, it operates much like a normal email service. So you can compose an email. You can send emails. You could put in attachments. You can put an expiration time. So if I want the email to expire, I can set an expiration time. And I can set a password for people that don’t have ProtonMail, which is really handy. Other than that, there’s a contact list there. You could label your emails. You could sort your emails. Again, this is much like any other email service.

Now, the thing that’s important to know about ProtonMail is that it is end-to-end encrypted as long as you’re dealing with another ProtonMail email recipient. So if I send email to another ProtonMail user, the email is encrypted at rest, in transport, and when it’s being sent back to me. However, if I have an email I’m sending to, say, a Gmail user or Outlook user, my email is encrypted on my computer. When I send it, it’s encrypted. But when it’s received, it’s not encrypted anymore because Gmail, Outlook, what not, doesn’t know how to unencrypt that information. So ProtonMail doesn’t encrypt the email when it gets there. That’s why the password is a handy feature for ProtonMail.

So you do want to be aware of that. And typically, email that’s end-to-end encrypted is going to work within its own ecosystem. Once you get outside that, I wouldn’t rely on an email being encrypted anymore. So to wrap things up, not all encryption is the same. Just because your email’s encrypted, not all encryption is going to be the same as we just went over. Encryption doesn’t mean 100% privacy. Again, for compliance reasons, even if your email’s encrypted at work, chances are they can still unencrypt it if they need to for a legal obligation. Sending an encrypted email to a non-encrypted address, chances are that email was not going to be encrypted once at rest at the recipient’s email box.

So this was about email encryption. In the next video, we’re going to go over why you shouldn’t use your email for storage. Thank you for watching. I’ll see you in the next video.