Secure Email -- A Usability Study
This addresses usability barriers for email users seeking privacy, but it is incremental as it confirms known issues without proposing new solutions.
The study investigated why users hesitate to adopt end-to-end email encryption technologies like PGP, S/MIME, and pEp, finding that over 60% of users are unaware of these technologies and struggle with key management and setup.
Several end-to-end encryption technologies for emails such as PGP and S/MIME exist since decades. However, end-to-end encryption is barely applied. To understand why users hesitate to secure their email communication and which usability issues they face with PGP, S/MIME as well as with pEp (Pretty Easy Privacy), a fairly new technology, we conducted an online survey and user testing. We found that more than 60% of e-mail users are unaware of the existence of such encryption technologies and never tried to use one. We observed that above all, users are overwhelmed with the management of public keys and struggle with the setup of encryption technology in their mail software. Even though users struggle to put email encryption into practice, we experienced roughly the same number of users being aware of the importance of email encryption. Particularly, we found that users are very concerned about identity theft, as 78% want to make sure that no other person is able to write email in their name.