Sep 13, 2018

Metadata: What PGP Can't Protect

PGP is all about making sure the contents of a message are secret, genuine, and not tampered with. But that's not the only privacy concern you might have. Information about your messages (“metadata”) can be as revealing as their contents. If you're exchanging PGP messages with a known dissident in your country, you may be in danger for simply communicating with them, even without those messages being decoded. Indeed, in some countries you can face imprisonment simply for refusing to decode encrypted messages.

PGP does nothing to disguise who you are talking to, or that you are using PGP to do so. Indeed, if you upload your public key onto the key servers, or sign other people's keys, you're effectively showing the world what key is yours, and who you know.

You don't have to do that. You can keep your PGP public key quiet, and only give it to people you feel safe with, and tell them not to upload it to the public key servers. You don't need to attach your name to a key.
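Even a key that is never uploaded and carries no name is still named inside every message encrypted to it: the recipient's key ID sits in clear in the Public-Key Encrypted Session Key packet of an OpenPGP message (RFC 4880, section 5.1), so anyone who intercepts the ciphertext can see which key it is addressed to. The Python below is an added illustration written for this page, not code from the original article: it parses the packet headers of a constructed sample message and lists the key IDs exposed. The sample's second packet uses the all-zero wildcard ID that gpg writes under `--throw-keyids` / `--hidden-recipient`, the standard way to withhold the recipient at the cost of the recipient having to try each of their keys.

```python
import base64
import struct

WILDCARD_KEY_ID = "0000000000000000"  # written by gpg --throw-keyids / --hidden-recipient

def dearmor(text):
    """Strip ASCII armor and return the raw packet bytes (the CRC line is not checked)."""
    lines = text.strip().splitlines()
    start = lines.index("") + 1  # a blank line separates armor headers from data
    b64 = "".join(l for l in lines[start:] if l and not l.startswith(("=", "-----")))
    return base64.b64decode(b64)

def packets(data):
    """Yield (tag, body) per OpenPGP packet, handling old- and new-format headers."""
    i = 0
    while i < len(data):
        ctb, i = data[i], i + 1
        if ctb & 0x40:  # new format: tag in the low 6 bits, then a variable-size length
            tag, first, i = ctb & 0x3F, data[i], i + 1
            if first < 192:
                length = first
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                length, i = struct.unpack(">I", data[i:i + 4])[0], i + 4
            else:
                raise ValueError("partial body lengths are not supported here")
        else:  # old format: tag in bits 2-5, length type in the low 2 bits
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                length = len(data) - i  # indeterminate: packet runs to end of input
            else:
                size = (1, 2, 4)[ltype]
                length, i = int.from_bytes(data[i:i + size], "big"), i + size
        yield tag, data[i:i + length]
        i += length

def recipient_key_ids(armored):
    """Key IDs named in the message's v3 PKESK packets (tag 1): readable without any key."""
    return [body[1:9].hex().upper() for tag, body in packets(dearmor(armored))
            if tag == 1 and body[0] == 3]

# Constructed sample: two PKESK packets (one key ID, one wildcard), then a stub SEIPD
# packet (tag 18). The MPIs are dummies and the CRC line is a placeholder.
def _pkesk(key_id, mpi):
    return bytes([0x84, 13, 3]) + key_id + bytes([1, 0, 8, mpi])

_raw = (_pkesk(bytes.fromhex("0123456789ABCDEF"), 0xAB) + _pkesk(bytes(8), 0xCD)
        + bytes([0xD2, 4, 1, 0xDE, 0xAD, 0xBE]))
SAMPLE_MESSAGE = ("-----BEGIN PGP MESSAGE-----\nComment: constructed sample\n\n"
                  + base64.b64encode(_raw).decode() + "\n=AAAA\n-----END PGP MESSAGE-----\n")
```

`gpg --list-packets` on a real message shows the same field; this parser exists only to make the leak visible without GnuPG installed.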

Disguising that you are communicating with a particular person is more difficult. One way to do this is for both of you to use anonymous email accounts, and access them using Tor. If you do this, PGP will still be useful, both for keeping your email messages private from others, and proving to each other that the messages have not been tampered with.