After Edward Snowden revealed the massive scale of the NSA secret surveillance programmes, many tech companies were said to have helped the security agency with their spying. However, soon there were to be denials and outrage.
Remember Google employees and bigwigs lashing out against the NSA and its allies after it was revealed that they can secretly access all your Gmail communication? Google had vowed to fight back by making Gmail use an encrypted HTTPS connection in the future. Starting today, Google has flicked the switch on to make the move final.
“Your email is important to you, and making sure it stays safe and always available is important to us. As you go about your day reading, writing, and checking messages, there are tons of security measures running behind the scenes to keep your email safe, secure, and there whenever you need it,” Nicolas Lidzborski, Gmail Security Engineering Lead, wrote in a blog post on the official Gmail blog.
It must be noted that HTTPS is not a new technology for Gmail and has existed since its launch. In 2010, Google made HTTPS default, but users could still opt to communicate over insecure lines. But now that’s no longer an option. “Today’s change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers—no matter if you’re using public WiFi or logging in from your computer, phone or tablet.”
Having said that all’s not well just yet. If, for example, you have a lot of communication with non-Gmail users, there’s no guarantee that your emails to them will be encrypted too. It’s still wiser to use an encryption service for your emails as that’s far more effective. And even if Google says all emails on their servers and in their data centres are encrypted, that doesn’t mean they cannot be intercepted in the middle through different means such as tapping into undersea cables, which the NSA has been known to have used from time to time, as an earlier report points out. All this means is that your Gmail is a little more secure than it was before.
Google also taken additional steps to ensure greater transparency in the light of accusations of scanning through your inbox for purposes other than tailored ads. Now emails will be encrypted even while moving internally within Google’s data centres. “This ensures that your messages are safe not only when they move between you and Gmail’s servers, but also as they move between Google’s data centers—something we made a top priority after last summer’s revelations.”
Lidzborski is referring to the revelations made by Edward Snowden last year, which shone the light on a number of US government secret surveillance programmes. NSA and its allies reportedly had access to all of Google’s servers, but the company has maintained that it has never colluded with authorities for mass surveillance programmes and only hands over data after court orders. At TED 2014, Google co-founder Larry Page railed against the NSA tactics and called their methods a threat to democracy. The company is one of the many tech giants who have teamed up to force the US government make reforms in how the NSA obtains data.