Limited Usage: Facebook’s Impact on PGP-Encrypted Emails

In 2015, as part of the wave of encrypting all the things on the internet, encouraged by the Edward Snowden revelations, Facebook announced that it would allow users to receive encrypted emails from the company.

Even at the time, this was a feature for the paranoid users. By turning on the feature, all emails sent from Facebook — mostly notifications of ‘likes’ and private messages — to the users who opted-in would be encrypted with the decades-old technology called Pretty Good Privacy, or PGP.

Eight years later, Facebook is killing the feature due to low usage, according to the company. The feature was deprecated Tuesday.

The message Facebook showed users ahead of deprecating PGP encrypted emails.

Facebook declined to specify exactly how many users were still using the encrypted email feature. It is not hard to believe that practically nobody was using it. And as much as I love encryption, killing this feature makes a lot of sense.

First of all, you can switch off email notifications entirely for the simple reason that you can see those notifications in Facebook’s app or in the browsers. Why would you want to get notified twice that your friend tagged you without asking for permission in that party photo where you are drunk?

For example, I used the email encryption feature at the time, but I also later switched off email notifications, so that feature was useless to me.

Also, who the hell uses PGP in the year of our lord 2023? Even the inventor of PGP, the revered cryptographer Phil Zimmermann, said he wasn’t using PGP back in 2015.

“The irony is not lost on me,” Zimmerman told me in an email at the time.

Zimmermann said that the main reason he wasn’t using PGP is that he couldn’t run the necessary encryption software on his MacBook, since Symantec bought PGP in 2010 to incorporate the technology into its own products. Zimmerman also said there was “no version of PGP ever ran on an iOS device.” (It is worth noting that you can encrypt emails and files on Macs using GPG Tools, which served as PGP’s de facto replacement after the Symantec acquisition — if you like to inflict that kind of pain on yourself.)

I still use PGP very occasionally. If you want to annoy me, you can use my public PGP key to send me an encrypted message, which would be so much easier to read and respond to if you sent it to me on Signal or WhatsApp instead.

Rest in peace, Facebook email encryption. You won’t really be missed.