What if there were one thing we could do today to make it harder for the NSA and other intelligence agencies to eavesdrop on millions of people's email communications, without users having to change their habits at all?
There is. It's called STARTTLS for email, a standard for encrypting email communications. 2014 saw more and more email providers implementing it.
STARTTLS for email is described as server-to-server encryption, because it protects your email from eavesdroppers on the Internet, but not from your email provider, who runs the servers that send and receive your email. Server-to-server encryption is contrasted with end-to-end encryption like PGP and S/MIME, which additionally protect your email contents against snooping by your email provider. Both are valuable and we encourage the use of both.
The spread of server-to-server encryption is especially encouraging because it protects the metadata, who you speak with and when, that the NSA collects even from Internet users suspected of no crime. As we and others have said before, the metadata is the message.
A year ago, when we published the first Encrypt the Web report, only four of the eighteen companies we surveyed protected their email with STARTTLS encryption. Today, thanks in part to EFF's involvement, more than twice as many of those companies do, reflecting implementations from Amazon, Microsoft, Yahoo, Facebook, Twitter, and LinkedIn. You can check your own email provider at starttls.info.
Those implementations, and many more from providers not listed, are reflected in much higher observed rates of protected email. Gmail reports 77% of their outbound email is successfully encrypted with STARTTLS, and Facebook encrypts 95% of their outbound mail.
But STARTTLS does have major weaknesses. The initial handshake is subject to downgrade attacks that strip the STARTTLS capability from the server's advertisement, so the client never asks to encrypt; that is why we began work on the STARTTLS Everywhere project, which provides an out-of-band channel so servers know when not to downgrade. In November, we described reports of the downgrade attack in the wild, with at least two ISPs intercepting email connections to remove encryption. In the coming year, we will step up the pressure on ISPs to stop this sort of interference with their customers' data.
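To make the downgrade concrete, here is an added example (not EFF's code and not part of STARTTLS Everywhere) that parses an SMTP EHLO reply, detects whether STARTTLS was advertised, and consults a hypothetical out-of-band policy table to decide whether a missing advertisement is an acceptable plaintext fallback or a sign of tampering. The EHLO replies and the policy entries are constructed for the example.

```python
import re

# Constructed EHLO replies: a normal one, and one in which an in-path device
# has overwritten the STARTTLS keyword so the client never requests encryption.
EHLO_NORMAL = (
    "250-mail.example.test Hello client.example.test\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250-STARTTLS\r\n"
    "250 ENHANCEDSTATUSCODES\r\n"
)
EHLO_STRIPPED = EHLO_NORMAL.replace("250-STARTTLS", "250-XXXXXXXX")

# Hypothetical out-of-band policy (an assumption for this example), standing in
# for a distributed list of domains whose mail servers are known to offer TLS.
POLICY = {"example.test": {"require_tls": True}}


def parse_ehlo(reply: str) -> set:
    """Return the capability keywords from a multi-line 250 EHLO reply.

    The first 250 line carries the server's greeting, not a capability, so it
    is skipped; each remaining line contributes its first token, upper-cased.
    """
    caps = set()
    lines = [ln for ln in reply.splitlines() if re.match(r"250[- ]", ln)]
    for line in lines[1:]:
        tokens = line[4:].split()
        if tokens:
            caps.add(tokens[0].upper())
    return caps


def decide(recipient_domain: str, reply: str, policy=POLICY) -> str:
    """Choose 'tls', 'plaintext' or 'defer' for an outbound SMTP connection.

    Without a policy entry, a missing STARTTLS capability silently falls back
    to plaintext, which is exactly what the stripping attack relies on. With a
    policy entry, the missing capability is treated as tampering and delivery
    is deferred instead of downgraded.
    """
    if "STARTTLS" in parse_ehlo(reply):
        return "tls"
    if policy.get(recipient_domain, {}).get("require_tls"):
        return "defer"
    return "plaintext"
```

The policy lookup is what an out-of-band channel adds: the sending server can distinguish "this domain never offered TLS" from "this domain should have offered TLS and did not".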
End-to-end email encryption also saw big news this year, with Google announcing a browser extension to provide PGP encryption in Gmail and Yahoo committing to adapt it for their own webmail product. PGP email has historically suffered from being difficult to use, but dedicated engineering resources from these companies, as well as community-funded free software projects like LEAP and Mailpile, promise to make end-to-end encryption easier in 2015.
This article is part of our Year In Review series; read other articles about the fight for digital rights in 2014.