Google has announced that Gmail and Calendar will now be equipped with client-side encryption (CSE) after months of testing the feature. The privacy controls will allow organisations to have control over their own data and who has access to it.
Users can send and receive encrypted emails or create encrypted meeting events within their organisations or to external parties, and the encryption will happen before it reaches Google’s servers. This feature follows the rollout of CSE to other Google products such as Drive, Docs, Slides, Sheets, and Meet.
Google has also made a decrypter tool available in beta for Windows that can decrypt client-side encrypted files and emails exported through Google Vault or Data Export tool. The macOS and Linux versions of the tool will be launched in the future.
Google’s solution aims to reduce the compliance burden for public sector organisations and businesses by making sure no third-party, including Google, can access confidential data. The feature is globally available for Workspace Enterprise Plus, Education Standard, and Education Plus customers, but not for personal Google Accounts.
It is important to note that client-side encryption is different from end-to-end encryption (E2EE) as super administrators can toggle the setting on/off and have control over the encryption keys created.
Google’s development of CSE for Gmail and Calendar is a significant move towards data privacy and security for users. However, CSE doesn’t provide complete protection as Google servers can still read the email metadata, such as the subject line and recipient’s address.
