Information Security


Guidance on Encryption of Email and Email Attachments

1 Scope 

This document is intended to provide advice to UCL users who wish to send personal or special category personal data (sensitive data) by email.

2 What is sensitive data? 

(i) Personal data is defined in the GDPR as: “‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Also: “some of the personal data you process can be more sensitive in nature and therefore requires a higher level of protection. The GDPR refers to the processing of these data as ‘special categories of personal data’. This means personal data about an individual’s:

  • race;
  • ethnic origin;
  • political opinions;
  • religious or philosophical beliefs;
  • trade union membership;
  • genetic data;
  • biometric data (where this is used for identification purposes);
  • health data;
  • sex life; or
  • sexual orientation.

Personal data can include information relating to criminal convictions and offences. This also requires a higher level of protection.

(ii) Corporate data and intellectual property: This includes, but is not limited to, strategic planning and financial information. If you are unsure what information falls within these categories you are advised to consult your Head of Department or Division. 


3 Guidelines 

There are several options available for encrypting email, not all of which are covered by this document. Below are two methods which may be suitable for UCL users, depending on their requirements.

3.1 Sending encrypted archives as email attachments 

Users wishing to send a sensitive attachment with an email that does not otherwise contain sensitive information may find that the simplest method is to create an encrypted archive containing the file and attach the encrypted archive to the email. The main advantages of this method are that it is simple, and the software required for decryption is freely available.

The main consideration with this method is that the password to the archive must be passed to the recipient. This should be done by a medium other than email.

Also, a sufficiently strong encryption algorithm should be used. Most up to date archive software supports AES encryption and are compatible with each other (eg a .zip archive created with 7-Zip can be opened with WinZip, WinRar etc). Older products using the ZipCrypto algorithm should not be used as the encryption is weak. If a product does not specifically mention AES, it is probably using ZipCrypto and should not be used. The free archiver 7-Zip is recommended. 

The document Using encrypted archives with 7-Zipdescribes the process on creating and opening encrypted archives using 7-Zip.

3.2 Public key encryption 

Users wishing to encrypt email on a regular basis are advised to use public key encryption, especially products using the OpenPGP standard. Public key encryption requires both the sender and recipient to set up a pair of cryptographic keys. A plugin for the email client and/or a separate program is also required. Once this is set up, encrypted emails can be sent and received without the need to exchange passwords as in 3.1. Public key encryption also allows the use of digital signatures, which provide the ability to determine whether an email was actually sent by the person claimed to be the sender. 

Most email clients on most platforms have support for the OpenPGP standard. A number of options are listed below: 

Enigmail, a plugin for the Thunderbird email client is used and recommended by UCL CST. An excellent quick start guide simplifies the fairly involved process of setting up public key encryption. It uses GnuPG and will work on Windows, Mac OS X and Unix/Linux. 

Gpg4win is an installer package for GnuPG on Windows and includes a plugin for Microsoft Outlook. However, the integration with Outlook is limited and not as user friendly as Enigmail on Thunderbird. 

Mac GPG is the Mac OS X port of GnuPG and support is available for several email clients. 

PGP Corporation provide a range of commercial encryption products for Windows and Mac OS X products including PGP Desktop Email, which works transparently with most email clients.