Q. What are my options to protect my e-mail from snooping?
A. This question is a two-parter. If you want to protect your e-mail while it’s making its way across the Internet, you may not have to do anything. But if you want to secure it even while it’s on your mail service’s computers, you and your correspondents need to get to work.
In the bad old days, e-mail messages traveled from server to server as the equivalent of postcards, readable by anybody who could capture them flitting by. That’s changed dramatically in the past few years, thanks to widespread adoption of “Transport Layer Security” (TLS) encryption.
The beauty of this is that you don’t have to do anything; your e-mail service just has to enable this feature on its servers.
And since Google began campaigning for TLS support and warning Gmail users with a red open-padlock icon that they were writing to a recipient whose service doesn’t do TLS, adoption has taken off.
At the Google I/O conference in May, security product manager Stephan Somogy said that after Gmail began showing that heads-up, TLS adoption jumped by 20%. (The easiest way to see if your own mail service supports TLS: start an e-mail to yourself from anybody’s Gmail account and see if that red open padlock appears next to your address.) Today, 86% of messages sent from Gmail are protected by TLS.
Install a ‘crypto’ app
Full-time encryption, however, takes more work because both parties must use the right “crypto” app. That’s now in the news after the revelation that Yahoo scanned incoming emails on behalf of a U.S. intelligence agency to find a digital signature associated with a terror organization. The Yahoo incident would be the first case of a U.S.-based Internet company searching all incoming messages.
Beyond government surveillance, you might also want to encrypt your e-mail to stop it from being scanned automatically for advertising purposes or to guard against malware exposing your messages, on your computer or when stored on a mail provider’s servers.