January 13, 2010 | By Peter Eckersley

Gmail Takes the Lead on Email Security

Last night, Google announced that Gmail sessions will now be fully encrypted with HTTPS by default. This is excellent news — EFF congratulates Google for taking this significant step to safeguard their users' privacy and security.

Previously, it was possible to encrypt your access to Gmail, but it required altering the default configuration. Now every Gmail user will get the benefits of encryption without needing to know that they need it.

With this development, Google has taken a clear two-step lead over its competition: other major hubs for personal communication such as Facebook, Yahoo! mail, Hotmail, and LiveJournal do not even make the use of HTTPS possible, let alone the default. A handful of smaller, specialist webmail providers do offer HTTPS, but Google is alone in bringing basic email security to the mainstream Web.

Frankly, it's time for Facebook, Yahoo!, Microsoft, and company to raise their game. If you are using those email services, then anyone using the same local network as you can read your communications or break into your account. And that's just not good enough.

P.S.: A great next step for Google would be to implement HTTPS for Google Search. Until that happens, the only way to get private, encrypted searches is by using a an HTTPS search engine like Ixquick or a third-party proxy to Google like ssl.scroogle.org, which requires users to trust the proxy operator. We understand that there are some latency costs to delivering search over HTTPS, and while new standards are needed to solve that problem, there's no reason not to offer optional search encryption in the mean time.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Tell your lawmakers: it's time to #MoveFASTR. Support public access to publicly funded research today. https://eff.org/r.2iql

Jul 28 @ 12:56pm

The public deserves access to the research it funds. Read @CreativeCommons on why -now- is the time to #MoveFASTR: https://eff.org/r.o0l4

Jul 28 @ 12:50pm

Over 1,000 users support our campaign to stop ridiculous copyright extensions in TPP. Sign on now: https://eff.org/r.bk2l

Jul 28 @ 12:10pm
JavaScript license information