Skip to content

How Glenn Greenwald & Facebook Learned To Stop Worrying & Love Encryption

Posted in Journalism, and MintPress News

Originally published at MintPress News.

MENLO PARK, California — Facebook now offers users the ability to encrypt their notification emails using PGP, a freely available encryption method proven to thwart NSA surveillance. It’s the latest attempt by social media and other Internet providers to offer increased privacy to their users in the wake of the Edward Snowden leaks.

PGP, which stands for “Pretty Good Privacy,” is a freely available encryption standard that’s been available for decades. PGP encryption works through a technique called asymmetric encryption. Users of the software create both a private and a public encryption key. The public key can be shared freely with anyone who wants to send encrypted messages, and those messages can only be read by the person who holds the private key and its associated password.

The new feature, launched Monday, offers users the option to upload a public PGP key to Facebook. With this feature enabled, Facebook notification emails will only be legible to their intended recipient, using the corresponding password and private encryption key. Without encryption, anyone with access to a user’s email (potentially including hackers, police, or government agencies) could read the contents of private messages included in some notification emails.

Another option with a similar effect is to turn off Facebook notifications entirely and only access them through the website or apps, which can be secured through other means like two-factor authentication.

Though the change is small, it reflects a growing push by Internet services to offer users better ways to secure their accounts and protect their privacy. Google’s End-to-End plugin for the Chrome browser, released in June last year, also lets users encrypt email with PGP.

In a recent interview with Occupy.com, Glenn Greenwald, a journalist who helped Edward Snowden reveal the NSA’s indiscriminate surveillance programs, said new security options like these are the biggest lasting impact of Snowden’s leaks.

“Internet companies like Facebook, Google, Apple, Yahoo and Microsoft are really petrified that if they don’t demonstrate a commitment to their users’ privacy and eliminate this perception that they’ve been collaborating with the NSA, it’s going to destroy their future business prospects,” he told Occupy.com’s Dana Sayre.

What is PGP?

Although PGP is an encryption standard that has been available for decades, some users have found it difficult to use without the aid of plugins like End-To-End.

Greenwald, in his recent book “No Place To Hide,” admits he almost ignored Snowden’s initial emails offering to share leaked documents because he couldn’t handle setting up PGP.

“That’s how close I came to blowing off one of the largest and most consequential national security leaks in U.S. history,” he wrote.

A simple way to understand the concept of asymmetric encryption is to imagine providing someone with a secure lockbox and a padlock to which only one person has a key. The sender could place any message they want inside the lockbox, but only the intended recipient can open it to read what’s inside.

Snowden’s leaks revealed that the NSA is unable to read messages encrypted with PGP. One reason PGP remains secure after decades of use is because it’s open source — the software code and encryption standards are all freely available for civilian programmers and encryption experts to test and improve. Writing for the Intercept in 2013, Micah Lee outlined some of the other secure tools their team used to work with Snowden.

Two years after those first messages were sent, Greenwald told Occupy.com that he’s gone from confusion to wholehearted support for PGP, making it a key part of “No Place To Hide.” He said:

There’s been this huge change in the way not just journalists but millions of people around the world now use encryption who didn’t use encryption previously. … I wanted to make sure that people understood that even if you’re not technologically proficient, you can learn to use PGP (Pretty Good Privacy) – and that you should.

Watch “How To Encrypt Your Email With PGP” below, which explains how to use encryption with two pieces of free and open source software, Thunderbird and GPG: