There’s no doubt at this point that, no matter where you are, your communications are probably being collected by someone without your approval.
That someone could be a government intelligence agency or cybercriminals looking to steal your identity. More innocuous are the marketing programs that harvest user data to target advertisements. While they may not be, on the whole, particularly sinister, those programs can be invasive, nonetheless.
Encrypting your email is a good option if you want to increase your overall level of privacy online. Before you get ahead of yourself, however, remember that there are almost always backdoors that someone who’s determined and technologically savvy enough can exploit to get at your personal information, if they want to badly enough.
That being said, it makes sense to encrypt at least your most sensitive emails, such as those that contain business information, travel information or other information that you really wouldn’t want falling into the wrong hands.
It’s likely not as difficult as you believe to encrypt your email. We’ll start with the more difficult—but free—option, and then give some tips on selecting a commercial option, which is usually a bit simpler.
DIY Email Encryption
These instructions will work for Windows, Mac or Linux operating systems. The Linux installation process may involve some extra steps.
Note: Your recipient will have to be set up in the same way you are in order to read your encrypted email.
First, you’ll want to install GnuPG, an open-source tool that uses PGP.
For an email client, we recommend Thunderbird, a free email client from Mozilla. The interface will likely look a bit clunky to some users, but it’s a solid program and it supports the plugin we’re going to use to handle the process of encrypting your email.
Download and install Thunderbird to get started, then set up your email account.
Next, you’ll want to download and install a plugin for Thunderbird called Enigmail. This is completely free, as well.
When you install Enigmail, it’ll walk you through the process of creating a public and private key. Your public key is shared. It’s completely safe to do so and, in fact, recipients will need it to open your emails.
Once the wizard is complete, you’ll need to upload your key to a public server. Click on the Enigmail menu in Thunderbird—and then click on “Key Management.” You’ll see your key listed in the window that appears. Highlight it, select “Keyserver” and then “Upload Public Keys.” You can use the default server that appears after you select this option, in most cases.
In the screenshot below, you can see an email that’s ready to go, but that hasn’t been encrypted. Click on that bit of red text and you’ll be given the option to sign and encrypt the email, as shown below.
You’ll have to share your public key with the recipient so that they can decrypt the message. Anyone without that key will get an email full of garbled characters.
If you want to make things easier on your recipients, however, you can use a commercial service.
How to Use a Commercial Service
How you use these services will vary between one provider and the next, but most of them are very simple. We’ll take a look at Tutanota, since it’s one of the easiest options out there.
With this service, all you have to do is set up an account. You’ll be given a new email address that you can use to send encrypted messages. For a membership fee, you can attach it to a custom domain.
Tutanota will walk you through the process of creating a key, similar to what we did above. After you’re done, sending an encrypted email is easy.
You can send an encrypted email to a user on any service. They’ll receive a notice that you’ve sent them an encrypted message. By clicking on a link, the user is taken to a temporary email box at Tutanota where they can read the message and reply to you. The entire conversation is kept on the Tutanota servers, where it’s encrypted and protected from people without the credentials to view it.
The big advantage here is that the process is much easier on the recipient. They don’t have to install or configure anything to receive the encrypted email, and they don’t have to buy a subscription to reply to you over the service.
There are other services out there that offer various methods of encrypting your email, but Tutanota is one of the easiest we’ve found.
Why Bother With This?
Encrypting your emails might seem a bit over the top, but it’s really not a bad idea to get in the habit, at least for more sensitive communications.
Digitally signing your business emails with Enigmail is a good way to make sure that people know that important communications from you are genuine, and that can potentially prevent fraud.
Not everyone is likely to take advantage of these free tools but, the more people that do, the more secure email will be for everyone.
If you want some assurance of privacy and want to make yourself a harder target for those who would try to read your digital communications, encrypted email is a great start.