The prevalent email client is now bringing client-side encryption on the web in beta. The company states the feature would make its way to the rest of its benefits “in a later release.”
CSE for Gmail is now only accessible to consumers on Google Workspace Enterprise Plus, Education Plus, and Education Standard, vacating out users on lower-placed Workspace tiers, personal Google accounts, and users on older G Suite Basic and Business plans.
The feature is disabled by default — administrators can allow it by moving to Security > Access and data control > Client-side encryption from the Admin console.
Exploring a section of Google’s CSE support page, we understand that admins of organizations will have significant power over which individual in the business has access to the keys, including the capacity to monitor the users’ encrypted files. By contrast, end-to-end encryption doesn’t let admins view the users’ encrypted files.
Google explains features like multi-send mode, signatures, Smart Compose, and translation. And summaries, Confidential mode, etc., will not be open with CSE emails. Likewise, CSE on Gmail won’t let users scour the body of the encrypted message. While limiting third-party add-ons from accessing the plain-text contents of the encrypted mail.
The support mentioned above suggests client-side encryption for “highly regulated” industries, including the government, defense, aerospace, and financial institutions. Google also notes that CSE is already public for its other products. Namely, Docs, Slides, Sheets, Drive, and Meet, while Calendar presently has the feature in beta.
Eligible clients can apply to try the Gmail client-side encryption beta until January 20, 2023. CSE will also drive its way to Gmail for Android and iOS. But Google still needs to present a timeline for its arrival.
