Gmail now always uses an HTTPS connection and encrypts all messages moving internally on Google’s servers

Google today announced it has made security improvements to Gmail to further protect users’ emails from snooping. Gmail now always uses an encrypted HTTPS connection when you check or send email, and encrypts all messages moving internally on Google’s servers.

While Gmail has offered HTTPS support since the day it launched, and Google turned the feature on by default back in January 2010, today’s change goes a step further: it can’t be turned off. Google promises that now “no one can listen in on your messages as they go back and forth between you and Gmail’s servers.” This means that Gmail will use the most secure connection whether you’re connecting on your home network or using public WiFi, and regardless of what device you’re using.


Furthermore, Google says that now every single email message you send or receive is encrypted while moving internally on the company’s servers. In other words, messages are protected not only when they move between you and Gmail’s servers, but also as they move between Google’s data centers.

Without specifically naming the NSA, Google says this change was “made a top priority after last summer’s revelations.” The company originally denied the US government had access to its servers, but as more and more details leaked, it became clear the NSA had multiple initiatives to collect user data from Google and other technology firms via various means.

Despite these new security measures, Google says it is committed to making sure users can access their email. The company revealed that in 2013, Gmail was available 99.978 percent of the time, which means less than two hours of disruption per user for the entire year. With an outage happening every few months, it’s difficult to remember that Gmail has a decent track record overall.