Google developers announced that they are adding end-to-end encryption (E2EE) to the web version of Gmail, which will allow Google Workspace users to send and receive encrypted emails inside and outside their domain.
The company says this ensures that Google’s servers cannot decrypt sensitive data sent in the email body and attachments (including embedded images). In this case, the message header (including the subject, timestamps, and recipient lists) is not encrypted.
Google calls this encryption “client -side encryption” and it has already worked for users of Google Drive, Google Docs, Sheets, Slides, Google Meet and Google Calendar (beta).
“You can use your own encryption keys to encrypt your organization's data (in addition to the default encryption provided by Google Workspace). With client-side encryption, Google Workspace encrypts the content in the client browser, that is, before any data is transmitted or stored in the Drive cloud storage,” the company explains.
The Gmail E2EE beta is already available for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. They can apply to participate in the beta testing until January 20, 2023.
Unfortunately, this functionality is not yet available for users with personal Google accounts or Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, Nonprofits, and legacy G Suite Basic and Business customers.