How to encrypt email in Gmail
How Gmail encrypts email, why confidential mode is not encryption, S/MIME vs client-side encryption, what Google can still read, and true end-to-end.
Dvir Atias
Founder
On this page
- What Gmail encrypts by default
- Confidential mode is not encryption
- Real encryption options in Gmail
- Encryption for automated and agent email
- Where AgenticEmail fits
- Frequently asked questions
- Is Gmail encrypted?
- Is Gmail confidential mode end-to-end encrypted?
- How do I send an encrypted email in Gmail?
- Can I use S/MIME with a free Gmail account?
- Can I send end-to-end encrypted email to a Gmail address?
Gmail already encrypts your email in two ways: it uses TLS while messages move between servers, and it encrypts them at rest on Google's disks. That protects your mail from network snoops and casual theft, but it is not end-to-end encryption, because Google holds the keys and can read your message content. To keep Google itself out of your mail, you need real content encryption, which on Gmail means S/MIME on paid Google Workspace, client-side encryption on Workspace Enterprise or Education, or a third-party tool such as a PGP browser extension. Free consumer Gmail has none of the first two built in. This guide is honest about what each option protects and what it does not.
What Gmail encrypts by default
Every Gmail account gets transport encryption without you doing anything. When one mail server hands a message to the next, the two negotiate a TLS session, often started with the STARTTLS command over an existing plaintext connection, and encrypt the bytes for that single hop. On top of that, Google encrypts your stored messages at rest in its data centers. Between the two, your mail is protected against someone passively sniffing the network or walking off with a disk.
The catch is that TLS is hop-by-hop, not end-to-end. At every server along the path the message is decrypted, processed, and re-encrypted for the next hop, so the provider sees the full plaintext and, in Gmail's case, stores it that way so it can index and display your mail. This is why "is Gmail encrypted" has a nuanced answer: yes, Gmail uses TLS in transit and encrypts messages at rest, but Google holds the keys and can read your content, which is exactly what powers server-side search and spam filtering. Encrypted in transit is not the same as private from your provider. For the full split between these layers, see the email encryption guide.
Confidential mode is not encryption
Gmail's confidential mode looks like a privacy feature, and it is worth being precise about what it actually does. When you turn it on, you can set an expiration date after which the message can no longer be opened, you disable the recipient's built-in options to forward, copy, print, or download the message, and you can optionally require an SMS passcode to open it. Those are real access controls, and they are useful for limiting how a message spreads.
What confidential mode does not do is encrypt the message so that Google cannot read it. The content still passes through Google's servers in a form Google can decrypt, so it remains readable to the provider, and it is not end-to-end encrypted. The forward and print restrictions are enforced by the Gmail interface, not by cryptography, and a determined recipient can still screenshot or photograph what is on screen. Treat confidential mode as a tool for control and expiry, not as confidentiality from Google or from anyone who can compel access to the account.
Real encryption options in Gmail
If you need the content itself sealed from Google, Gmail supports a few genuine paths, though most of them require a paid tier.
- Hosted S/MIME on Google Workspace. Paid Workspace tiers support hosted S/MIME, which an administrator enables for the organization. Once it is on, sending encrypted mail is a toggle in the compose window, but both parties need valid certificates and must exchange them first, and it protects the body rather than the Subject header. See S/MIME email encryption for how the certificates and trust model work.
- Client-side encryption (CSE). On Google Workspace Enterprise and Education tiers, CSE encrypts the message content in the browser before it reaches Google, using keys that your organization controls through an external key service rather than keys Google holds. That is what moves Gmail closer to true end-to-end for content, since Google stores ciphertext it cannot open on its own.
- A PGP browser extension. Tools like Mailvelope add OpenPGP encryption on top of Gmail in the browser, so you can encrypt to a recipient's PGP public key without leaving webmail. This works on ordinary Gmail, but you and your recipient both manage keys manually and must exchange public keys before the first encrypted message.
The honest limitation for consumers: free Gmail has neither hosted S/MIME nor CSE. Without a paid Workspace plan, a browser extension like Mailvelope is effectively your only route to real content encryption inside Gmail, and it puts key management back on you.
Encryption for automated and agent email
Every option above assumes a human sitting at a browser or mail client, clicking an encrypt toggle and managing certificates or keyrings by hand. That model breaks down the moment the sender is a program. An automated service or an AI agent cannot exchange S/MIME certificates through a signed-email handshake or babysit a PGP keyring, and it should not have to. For programmatic and agent-to-agent mail you want an API that generates keys, publishes them, and applies encryption automatically on every send, so encryption becomes a config flag rather than a research project.
Where AgenticEmail fits
AgenticEmail is API-first email infrastructure for AI agents, and its end-to-end encryption is built for exactly this. It uses standards-based JOSE: a JWE envelope with ECDH-ES key agreement over the P-256 curve and AES-256-GCM content encryption, wrapping an Ed25519 JWS that signs the payload under a sign-then-encrypt construction. It is zero-knowledge, so the private key is generated and kept client-side by the SDK or CLI and never touches AgenticEmail's servers, which hold only ciphertext. Peers are found by address through published-key discovery, so an agent resolves a recipient's key and encrypts to it with no manual exchange.
Be clear-eyed about the boundaries. Encryption is opt-in and plaintext is the default, exactly like a normal transactional email API. It works only between two AgenticEmail inboxes that have each published a key, so it is an agent-to-agent feature, not a consumer product. You cannot end-to-end encrypt to an external Gmail address, because Gmail does not speak this protocol and has no key on the discovery endpoint, so mail to a Gmail address goes as plaintext. And because the private key lives only on your side, losing it means old encrypted mail is unrecoverable. Those constraints are the honest cost of real zero-knowledge encryption. See end-to-end encrypted email for the mechanics, encrypted email for AI agents for the agent-to-agent patterns, the step-by-step how to send encrypted email guide, or the docs for the full reference.
Frequently asked questions
Is Gmail encrypted?
Yes, in two limited ways. Gmail uses TLS in transit between mail servers and encrypts your messages at rest on Google's disks. But Google holds the keys and can read your message content, which is what powers search and spam filtering, so this is not end-to-end encryption.
Is Gmail confidential mode end-to-end encrypted?
No. Confidential mode adds an expiration date, disables the built-in forward, copy, print, and download options, and can require an SMS passcode. It does not encrypt the message so that Google cannot read it, the restrictions are enforced by the interface rather than by cryptography, and Google can still read the content.
How do I send an encrypted email in Gmail?
For content encryption you need one of three paths: hosted S/MIME on paid Google Workspace with certificates exchanged in advance, client-side encryption on Workspace Enterprise or Education, or a PGP browser extension like Mailvelope on ordinary Gmail. Confidential mode alone does not encrypt content against Google.
Can I use S/MIME with a free Gmail account?
No. Hosted S/MIME is a feature of paid Google Workspace tiers that an administrator enables, and it is not available on free consumer Gmail. On a free account your realistic option for real content encryption is a PGP browser extension where you manage keys yourself.
Can I send end-to-end encrypted email to a Gmail address?
Only if the Gmail side is set up for it, which for a free account it is not. A standard Gmail address has no published key for protocols like AgenticEmail's JOSE encryption, so mail sent to it goes as plaintext. Reaching a Gmail inbox with true end-to-end encryption requires both parties to share a scheme such as S/MIME or PGP and to exchange keys first.