Around half of the world's emails are unencrypted, which means spies can swoop down on these emails to find out what people are talking about, and Google vows to promote encryption by taking the wraps off a Chrome extension to enhance email privacy for users.
End-to-End is a browser add-on for Chrome that will encrypt and decrypt all information sent from and received on the Chrome browser. It is still in the alpha stage, and will not be available as a full-fledged extension on the Chrome Web Store just yet, because Google is taking its time to smooth out the wrinkles of the extension.
"The End-to-End team takes its responsibility to provide solid crypto very seriously, and we don't want at-risk groups that may not be technically sophisticated - journalists, human-rights workers, et al - to rely on End-to-End until we feel it's ready," writes Google on End-to-End's home page.
Google is relying on its community of third-party developers to test and evaluate the code before releasing the extension to the general public and is offering monetary rewards ranging from $100 to $20,000 to anyone who discovers any flaws and kinks in the code.
Google is not the first to offer end-to-end encryption. Tools such as PGP and GnuPG have been offering the service for quite some time, although they require sophisticated technical knowledge to use properly. Stephan Somogyi, product manager for security and privacy at Google, says they are hoping the release of End-to-End will provide people "that extra layer of security" when sending and receiving emails from whichever email clients.
In a transparency report released Tuesday, Google revealed that while it uses transport layer security (TLS) protocol to encrypt all emails sent from Gmail, only 65% of all emails coming from Gmail to other email clients are encrypted. That is because all email providers must use the same protocol to ensure encryption of all emails. Google also said that only 50% of emails sent from other providers to Gmail are encrypted.
"Gmail is capable of encrypting the email it sends and receives, but only when the other email provider supports TLS encryption. In other words, encrypting 100% of all email on the Internet requires the cooperation of all online mail providers," writes Google.
The report shows that, among the most popular websites in the world, Facebook, Amazon, Twitter and Yahoo encrypt 99% to 100% of all incoming emails from Gmail, while eBay's ED10, GroupOn and email marketing solutions provider ConstantContact encrypt almost none of their inbound messages.
Yahoo, AT&T and Yahoo's merger SBC Global, AOL and Craigslist are at the top of the list when it comes to protecting users' emails going out to Gmail, with encryption rates between 99% and 100%. On the other hand, Me.com by Apple, Comcast, MSN, Hotmail, Live and Mail.ru all fared poorly, encrypting less than one percent to none of users' emails sent to Gmail.