Gmail is getting end-to-end encryption for the web — what you need to know

Image of Gmail's logo on a laptop
(Image credit: Monticello/Shutterstock)

Google has announced that end-to-end encryption will soon be available for Gmail on the web, which will allow Google Workspace users to send and receive encrypted emails.

The search giant already offers end-to-end encryption in Google Drive and Google Meet as well as in Docs, Sheets and Slides, though it refers to this feature as client-side encryption. Now, Google is bringing this security feature to Gmail on the web but it will be made available to business and education customers first.

In a new post (opens in new tab) on the Google Workspace blog, the company explains that Google Workspace Enterprise Plus, Education Plus and Education Standard customers will be the first to get a chance to enable and try out end-to-end encryption in Gmail.

According to BleepingComputer (opens in new tab), the feature will make it so that sensitive data contained within the body of an email as well as in any attachments can’t be decrypted by Google’s servers. However, it’s worth noting that an email’s subject line, timestamps and recipient list won’t be encrypted.

Gmail end-to-end encryption beta

As is often the case with new features, end-to-end encryption for Gmail on the web will launch in beta first before becoming generally available.

Eligible Google customers have until January 20, 2023 to apply for the beta and to do so, they will need to submit a Gmail CSE Beta Test Application (opens in new tab) that includes their email address, Project ID and test group domain.

Since this feature is aimed at business and education users, their organizations will likely be the ones filling out this information and applying for the beta. Still, you could mention that end-to-end encryption in Gmail on the web is something you’re interested in to your IT department if you frequently discuss sensitive topics over email.

How to use end-to-end encryption in Gmail

Once accepted into Google’s end-to-end encryption beta test for Gmail, your Google Workspace admin will need to follow these steps (opens in new tab) to enable the feature. Even then, the feature will be disabled by default but it can be turned on by going to Admin console > Security > Access and data control > Client-side encryption.

From here, you’ll be able to toggle end-to-end encryption on for any email by clicking the lock icon next to the recipients field in Gmail and clicking “Turn on” under the “Additional encryption” option. Writing and sending emails will be the same as you’re used to in Gmail but now they’ll have an extra layer of security.

Although end-to-end encryption in Gmail on the web will only be available for Google’s paid business and education customers, the feature could eventually roll out to personal Gmail accounts in the future.

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.