Google makes HTTPS encryption mandatory for Gmail

MOUNTAIN VIEW, Calif., March 21 (UPI) -- Google has said that all Gmail users will have HTTPS encryption, regardless of the security of their Internet connection, as emails move around Google servers.

The search giant has been attempting to strengthen security and data encryption standards after revelations that the U.S. National Security Agency was snooping the Internet, and possibly accessing Google's data centers. The move is important for the company as it relies heavily on user data to drive its services.

Google's security measure will secure communications of users emailing other Gmail users, as Google servers are involved at both ends, but may not extend to users with different email services. In those cases security not only depends on Google's encryption but on recipients' email service providers.

While Google's security measure will help prevent bulk email grabs, by individuals or institutions such as the NSA, targeted email interventions will still be possible.

Making an appearance at TED in Vancouver, Google CEO Larry Page was critical of the government's snooping program.

“For me, it’s tremendously disappointing that the government sort of secretly did all these things and didn’t tell us. I don’t think we can have a democracy if we’re having to protect you and our users from the government for stuff that we never had a conversation about,” he said.

Google has had HTTPS encryption since it started and has been a default feature since 2010, but the encryption wasn't applied to emails flowing through Google's servers.

[Slate] [PCMag]