Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Privacy

Mar 01, 2023Ravie LakshmananEncryption / Email Security

Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar, months after piloting the feature in late 2022.

The data privacy controls enable “even more organizations to become arbiters of their own data and the sole party deciding who has access to it,” Google’s Ganesh Chilakapati and Andy Wen said.

To that end, users can send and receive emails or create meeting events within their organizations or to other external parties in a manner that’s encrypted “before it reaches Google servers.”

The company is also making available a decrypter utility in beta for Windows to decrypt client-side encrypted files and emails exported via its Data Export tool or Google Vault. macOS and Linux versions of the decrypter are expected to be released in the future.

The development follows the rollout of CSE to other products such as Google Drive, Docs, Slides, Sheets, and Meet.

The solution, the tech behemoth said, is aimed at reducing the “burden of compliance” for enterprises and public sector organizations, ensuring that no third-party, including Google, can access confidential data.

The feature is globally available to Workspace Enterprise Plus, Education Standard, and Education Plus customers. It does not extend to personal Google Accounts.

It once again bears repeating that client-side encryption is different from end-to-end encryption (E2EE), as Google Workspace users with super administrator privileges can toggle the setting on/off and have control over the encryption keys created.

Discover the Latest Malware Evasion Tactics and Prevention Strategies

Ready to bust the 9 most dangerous myths about file-based attacks? Join our upcoming webinar and become a hero in the fight against patient zero infections and zero-day security events!


It’s also different from Pretty Good Privacy (PGP), which also provides the benefits of CSE via public-key cryptography but requires users to exchange keys with each party first before sending an email. To add to the complexity, it passes the burden of creating and managing the keys to the users.

The integration of CSE to Gmail is the newest security-related addition after Google launched a confidential mode to help protect sensitive information from unauthorized access when sending messages and attachments.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related News

CyberSecure Announces Strategic Alliance

CyberSecure Announces Strategic Alliance

BETHESDA, Md., March 24, 2023 /PRNewswire/ — Cybersecure IPS and LockDown Inc. jointly announce that they have entered a strategic alliance to…
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Researchers from France-based pen-testing firm Synacktiv demonstrated two separate exploits against the Tesla Model 3 this week at the Pwn2Own…
GitHub's Private RSA SSH Key Mistakenly Exposed in Public Repository

GitHub's Private RSA SSH Key Mistakenly Exposed in Public Repository

GitHub, a Microsoft subsidiary has replaced its SSH keys after someone inadvertently published its private RSA SSH host key part of…