Gmail Confidential Mode is a new feature that Google rolled out in an attempt to address rising privacy concerns. Confidential mode allows you to send emails that expire after a certain time and set additional authentication via SMS in order for people to read the message. However, whilst this may help address certain privacy concerns, the feature does fall short when it comes to providing true confidentiality.
Gmail’s Confidential Mode is not much more than a marketing strategy. That’s because Gmail’s Confidential mode does not use end-to-end encryption, and that means Google still has access to the contents of your emails.
Here’s why you should think twice before using this feature:
- Between you, me & Google: Gmail’s Confidential Mode does not make emails private because Google can always read them. When you send an email with Confidential mode turned on, Google keeps the email contents on its servers. As a result, it’s never between you and the recipient, but between you, the recipient, and Google.
- No End-to-End Encryption: Gmail-hosted emails do not have end-to-end encryption, there is a risk of intrusion through cybercriminals, Google servers and government agencies. Through Confidential mode, an individual will send sensitive information that he will not send through normal mode falsely believing that the valuable data is secured. Only end-to-end encryption can guarantee secrecy. The encryption process ensures that only those holding the key to decrypt the information can access it. It is for this reason that end-to-end encryption is a necessity for protecting confidential communications.
- Retrievable Expiration: The recipient can no longer access the email after it has expired. However, the message remains in the sender’s sent folder, which Google can also read and It can still be accessed by Google and potentially exposed to governments or hackers. Simply put, messages sent with Confidential Mode are still retrievable—by the sender and by Google after the expiration date.
- Collecting Data Through Passcode: The passcode option is nothing more than an invasion of privacy. In order to set a passcode for your recipient, you must provide their private phone number to Google. In most cases, if you are sending a message to a Gmail user, Google already knows their phone number. Sending a passcode-protected email to a non-Google user, however, gives the company access to their phone number and any sensitive information in your message. For Google, this is a way to collect information about people who are not using their service.
- Allows Screenshot: In Google’s Confidential Mode, recipients are not allowed to forward, copy, download, or print information. However, it is not real security. The recipient can simply take a screenshot of the email. The recipient can easily make a screenshot and paste it into a new email and send it to another.
In an age where emails continue to be the main form of communication for personal and business communication, it’s important to invest in services that keep your information completely private and secure.