Why is Encryption Not Widely Used for Email?

Granted, I rarely send an email that can be classified as “secret”, “sensitive” or “protected”. I can’t think if I’ve ever sent anything that was really sensitive, even when I worked in government. The most illegal activity I’m engaged in involves renting out our basement suite. So I understand the common explanation why email encryption is not used: most people just don’t see the need for secure email.

But when I get an email from my lawyer with the following:

The contents of this electronic mail transmission are an attorney and client communication and are therefore PRIVILEGED, intended to be CONFIDENTIAL and for the sole use of the designated recipient. Any use of this electronic message or the information contained therein, including reading, copying, disseminating or otherwise distributing it, is strictly prohibited unless you are the addressee.  If you have received this electronic message in error, please immediately notify the sender by replying to this electronic message and delete the electronic message from your computer. Thank you.  We appreciate your assistance in correcting this error.

do we honestly think this is secure? We do know this, right? That regular email is not secure.

But a recent “scandal” – based on hacked private e-mail communications between prominent American and British climate researchers that has got global warming sceptics dancing with delight – might serve to raise the profile of encryption. Those hacked emails are now available at http://www.eastangliaemails.com and a good explanation of the context is at http://enviroknow.com. It also seems that the hacking wasn’t too sophisticated – one of the emails had the login and password of one of the account holders in their signature. But for a really good critique of the “Climategate” scandal, check this out: Climategate Explained

I interact with a fairly tech-savvy crowd, but I have yet to find a client, colleague or associate who regularly – actually, ever – uses encryption. So why is encryption not widely used for email?

Advertisement

Data from the Deep, Judgment from the Crowds

The Neptune Canada project at the University of Victoria recently received a $1M funding award from CANARIE Inc., Canada’s Advanced Research and Innovation Network, in response to its “Data from the Deep, Judgment from the Crowd” proposal. eBriefings.ca is a partner in this project, leading the “Digital Fishers” crowdsourcing component under the direction of UVic’s Centre for Global Studies Senior Associate Dr. Rod Dobell. eBriefings.ca (a division of Whitehall Policy Inc.) brings leading-edge depth of experience in deploying Web2.0 principles and technologies in corporate, academic, civil society and civic society environments to facilitate social networking, data capture and collaborative knowledge creation. Continue reading →