Privacy advocates at the Electronic Frontier Foundation (EFF) have hit out at Gmail’s “confidential mode”, warning that it is not secure or private. It comes after Google turned confidential mode on by default for business users this week (June 25).
The feature adds more control by allowing senders to create expiration dates and revoke previously sent messages. Meanwhile, confidential mode prevents recipients from forwarding, copying, printing, or downloading their content or attachments.
But experts have criticised the feature for not being as secure as it sounds. Calling the feature “confidential” mode “creates privacy and security expectations that the product just doesn't meet,” says Gennie Gebhart, associate director of research at the EFF.
“Confidential mode emails are not end-to-end encrypted, for example, which means that Google can see the contents of your messages,” she says.
At the same time, Google can technically even store them indefinitely, regardless of whether you use the 'expiration date' feature, Gebhart points out. “Confidential Mode provides absolutely no confidentiality from Google,” says Gebhart. “My biggest fear with confidential mode is that it will give users a false sense of security that prevents them from seeking more secure, end-to-end encrypted communication options, like Signal or WhatsApp.”
What does Google say?
It’s a damning criticism, so what does Google say? Google details the benefits as well as some pitfalls of confidential mode on its support site, so it’s important that people read this carefully.
It describes how confidential mode works: “When someone sends a confidential mode message, Gmail removes the message body and any attachments from the recipient's copy of the message.
“These are replaced with a link to the content. Gmail clients make the linked content appear as if it's part of the message. Third-party mail clients display a link in place of the content.”
Among the benefits, Google says Gmail users can prevent unauthorized access to their information.
“Users can set a message expiration date, revoke message access at any time, and require an SMS verification code to access messages,” Google says.
But Google also warns:
“Important: Although confidential mode helps prevent the recipients from accidentally sharing an email, it doesn't prevent recipients from taking screenshots or photos of your messages or attachments. Recipients who have malicious programs on their computer may be able to copy or download your messages or attachments.”
I have reached out to Google directly for a response to the criticism and will update this story when it arrives.
The bottom line
ProtonMail, which it must also be noted is a direct competitor to this Gmail feature, has written a blog post about Google’s confidential mode. “Without end-to-end encryption, Gmail’s confidential mode is little more than a marketing trick designed to pacify users concerned about privacy,” the blog says. So, is this right? I asked Sean Wright, an independent security researcher, what he thinks. He emphasizes ProtonMail’s position as a direct competitor to Gmail’s confidential mode. However: “ProtonMail certainly highlights some shortfalls of the confidential mode in Gmail, such as the email remaining in a user's sent items after they have set it to expire,” he says.
Given past news of Google reading users' emails for further targeted advertising, Wright wonders how this comes into play with the confidential feature. “This contradicts the purpose of their confidential mode,” he says.
At the same time, Wright points out that despite pushing its own privacy credentials, Gmail competitor ProtonMail also allows screenshots of emails.
It's also worth noting that while there are shortfalls with the confidential mode of Gmail, it is “certainly an improvement” on what exists today, Wright says. “It may have flaws, but it's a step in the right direction, if Google hopefully rectifies some of its shortcomings.”
So, should you move away from Gmail, or not use its confidential mode? No. Just be aware of its limitations and know that if you want more secure, end-to-end encrypted communication options, it’s better to use WhatsApp or Signal instead.
Data Privacy Concerns with Google
It also makes sense to take a look at resources such as the EFF's “Surveillance Self-Defense” which contains general guides and tool-specific tutorials. These might be useful for readers concerned about the privacy of their communications.