> Not sure why any of this would prevent Apple, Gmail, and Office365 from implementing a transparent PGP encryption layer. If just those three entities worked this out, the vast, vast majority of emails in the western world would be encrypted effectively. Just because some emails wouldn't be well-encrypted doesn't change that this would be a huge benefit for privacy.
The challenge is key handling, especially the commonality of multidevice access to the mailbox. If you want to do this transparently, the only place you can store the key is... right next to the mailbox, so that anyone with access to the mailbox has access to the key. In other words, you're forced to limit the number of people who can read the message to anyone who has access to the mail server. But there's an easier way to limit the number of possible readers of a message to that set of people--just encrypt all the links involved in sending a message. And that was done about a decade or so ago, and happened pretty transparently.
Oh, and there's another problem. Encrypted emails break a lot of email features people like to rely on, such as spam filtering, server-side filters, or server-side search. (Assuming you don't just give up and give the server the keys.)
Encrypted email is a solution in search of a problem.
> If you want to do this transparently, the only place you can store the key is... right next to the mailbox, so that anyone with access to the mailbox has access to the key.
If the client can generate a unique public/private key pair for every sender/recipient combination, the key wouldn't need to be stored on any server, just ephemerally transmitted one time over TLS/SSL. But that would have the downside of if you lose all devices with the key, you can no longer read those emails. There's partial solutions for that, like your own collection of public keys could be encrypted with a passkey/passphrase and uploaded to the central server, but then if you lose your passphrase, Gmail still can't help you read past emails.
I agree that good key distribution is probably impossible.
I'm pretty sure an on-device LLM / statistical model could filter spam pretty darn well though.
The challenge is key handling, especially the commonality of multidevice access to the mailbox. If you want to do this transparently, the only place you can store the key is... right next to the mailbox, so that anyone with access to the mailbox has access to the key. In other words, you're forced to limit the number of people who can read the message to anyone who has access to the mail server. But there's an easier way to limit the number of possible readers of a message to that set of people--just encrypt all the links involved in sending a message. And that was done about a decade or so ago, and happened pretty transparently.
Oh, and there's another problem. Encrypted emails break a lot of email features people like to rely on, such as spam filtering, server-side filters, or server-side search. (Assuming you don't just give up and give the server the keys.)
Encrypted email is a solution in search of a problem.