Why You Should Encrypt Everything and the Reason You Probably Don't

Why does much of the world stubbornly resist data and email encryption? Why don’t we enable it on all our devices all the time?

Most of the more than 2.5 billion people who use email have more than one account, and 95 percent of the email they send is unencrypted. In real numbers, that’s just over 194 billion emails sent every day in the clear. With the Edward Snowden leaks, the increased attention to online privacy, and the steady increase in data breaches around the world, it would seem imperative — in fact, negligent otherwise — to encrypt the emails we send, the data we store on our phones, and information we send up to the cloud. But, we don’t. And even now, when we’re advised that mainstream email providers like Google and Yahoo offer end-to-end encryption, we refuse to enable the technology. Why does much of the world stubbornly resist data and email encryption? Why don’t we enable it on all our devices all the time?


For most, it’s about convenience. It’s too cumbersome to set it up, and the potential for irrevocable data loss is too high if you forget your password. Unlike technologies that allow for the automatic back up and recovery of your data, if you forget your password to an encrypted device, you may lose all your data. There is no safety net. 

The technology to encrypt consumer email has been around since 1991. Phil Zimmerman released Pretty Good Privacy (PGP) that year and provided to the average citizen encryption technology that heretofore had been the domain of large corporations and governments. Reportedly, when it was released, the NSA couldn’t break it. And while not simple to use, it afforded many with the ability to feel secure in sending and receiving email traffic.

"It's easy to see how encryption protects journalists, human rights defenders, and political activists in authoritarian countries. But encryption protects the rest of us as well. It protects our data from criminals."

But, in a famous study by scholars at UC Berkeley and Carnegie Mellon University, researchers found that most people didn’t use email encryption technology like PGP because it was too complex to use. The user interface was clunky. “User errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent,” the authors argue. “User interface design for effective security remains an open problem.”

In fact, The Washington Post reported back in 2013 that Snowden had to personally explain how to set up PGP to Glenn Greenwald, the reporter at The Guardian he contacted:

"When Edward Snowden, the man who leaked the details of the PRISM program, first contacted Glenn Greenwald at The Guardian in February, he asked the journalist to set up PGP on his computer so the two could communicate securely. He even sent Greenwald a video with step-by-step directions for setting up the software. But Greenwald, who didn't yet know the significance of Snowden's leaks, dragged his feet. He did not set up the software until late March, after filmmaker Laura Poitras, who was also in contact with Snowden, met with Greenwald and alerted him to the significance of his disclosures."

“Encryption works best if it's ubiquitous and automatic,” computer security guru Bruce Schneier writes. “The two forms of encryption you use most often — HTTPS URLs on your browser, and the handset-to-tower link for your cellphone calls — work so well because you don't even know they're there.”

"Encryption is the most important privacy-preserving technology we have, and one that is uniquely suited to protect against bulk surveillance — the kind done by governments looking to control their populations and criminals looking for vulnerable victims."

To that end, privacy nonprofit Open Whisper Systems announced last week announced the release of Signal for Android. And while the app doesn’t encrypt and protect email, it does allow for the sending and receiving of encrypted messages and voice calls. And it does it in an idiot-proof manner. When the app was first released on iTunes last year, Open Whisper Systems’ founder Moxie Marlinspike told Wired magazine, “In many ways the crypto is the easy part. The hard part is developing a product that people are actually going to use and want to use. That’s where most of our effort goes.” Lauded by privacy advocates globally — including Snowden — Signal has been downloaded to over a million Android phones.

Whether or not apps make encryption simpler and easy to use, it’s vital that you use technologies that encrypt and protect your information. Personal data security and privacy is your problem. No one is going to solve it for you; neither is an app developer, your government, your child, nor your tech-geek neighbor. Protecting your data is the responsibility of one person: you.

As Schneier reminds us:

"It's easy to see how encryption protects journalists, human rights defenders, and political activists in authoritarian countries. But encryption protects the rest of us as well. It protects our data from criminals. It protects it from competitors, neighbors, and family members. It protects it from malicious attackers, and it protects it from accidents. ... Encryption should be enabled for everything by default, not a feature you turn on only if you're doing something you consider worth protecting. ... Encryption is the most important privacy-preserving technology we have, and one that is uniquely suited to protect against bulk surveillance — the kind done by governments looking to control their populations and criminals looking for vulnerable victims. By forcing both to target their attacks against individuals, we protect society."
--
Jason is Chief, Innovation for Thomson Reuters Special Services where he facilitates, oversees, and executes long-term solutions to emerging technology challenges. He works closely with governments, the private-sector, and non-governmental organizations to identify opportunities that will shape the future. The views expressed are his alone and do not necessarily represent the views of Thomson Reuters or Thomson Reuters Special Services.

3D printing might save your life one day. It's transforming medicine and health care.

What can 3D printing do for medicine? The "sky is the limit," says Northwell Health researcher Dr. Todd Goldstein.

Northwell Health
Sponsored by Northwell Health
  • Medical professionals are currently using 3D printers to create prosthetics and patient-specific organ models that doctors can use to prepare for surgery.
  • Eventually, scientists hope to print patient-specific organs that can be transplanted safely into the human body.
  • Northwell Health, New York State's largest health care provider, is pioneering 3D printing in medicine in three key ways.
Keep reading Show less

Study: Taking a break – even for 10 seconds – helps your brain learn

You wouldn't think even a 10-second break would help, but it does.

Mind & Brain
  • A study finds that even short breaks help you solidify new learning.
  • In a way, learning really only happens during your breaks.
  • For the most effective learning sessions, build-in short rest periods.
Keep reading Show less

5 of Albert Einstein's favorite books

Some books had a profound influence on Einstein's thinking and theories.

Getty Images
Culture & Religion
  • Einstein had a large library and was a voracious reader.
  • The famous physicist admitted that some books influenced his thinking.
  • The books he preferred were mostly philosophical and scientific in nature.
Keep reading Show less
Culture & Religion

The concept of access regardless of land ownership is called 'Allemansrätt' - 'everyman's right'.

Keep reading Show less