It's not (only?) a question of "gaining value". End-to-end encryption is fundamentally incompatible with many features that Gmail users rely on. I would recommend reading https://moderncrypto.org/mail-archive/messaging/2014/000780.... from an ex Gmail anti-abuse tech lead. And for 99.99% of Gmail users, protecting automatically against untargeted phishing and malware attacks is a larger security improvement than having e2e encryption.
protecting automatically against untargeted phishing and malware attacks is a larger security improvement than having e2e encryption.
Not to mention, from what I heard out of the mouths of ordinary folks, that protection is literally one of the leading reasons GMail took over. It was nearly spam-proof, and people loved it. (That and lots of free storage)
Boxbe is one that I have encountered people using: http://www.boxbe.com/help It's a little surprising this was never a standard part of email. It's the same workflow as granting permission to be contacted by IM.
Based on a quick search, you are right that the phrase "permission based email" has been SEO'ed into uselessness by email marketing services. What should it be called? Screening? But the spam filtering services have almost SEO'ed that into uselessness.
Boxbe is an interesting service, thanks. Maybe this 'permission-based' was never a standard because spam didn't exist back then and, later when it did exist, didn't play well with the idea of mailing lists. In the latter context it's funny how this search term is SEO'd to return marketing services!
Having just read a former google abuse team member's take on end to end encryption and anti-spam[1], this topic now looks a lot more complex. Regarding IM's, he mentions how spam-free WhatsApp is and argues that spam is a lot easier to fight when you have central control because you can change anything at any time at any point (client or server).
IM is low in spam because spammers would have to wheedle their way onto your contact list to spam you. Same for social networks. You just delete or block spammy "friends."
Even so, they could provide the option, which probably no more than 1-2% of the users would ever use - those who actually need their privacy to be protected, while the rest probably "won't care".
Leave it up to the users to decide whether they want to use end-to-end encryption despite a potential spam problem. It's also not like people couldn't use multiple email addresses.
If you were developing a product, would you invest time, money, and research into a feature that (maybe) one or two percent of your users would utilize?
Google already said in the above article that "only" 0.1% of its users get targeted by state-sponsored attacks (which by the way is about 500,000 users) - so why even bother building that then, by your logic? Clearly, just a waste of resources (probably the same for two-factor auth, Security Key, etc).
How many times have we heard companies "China has a 1 billion people - imagine if we only got 1% of that market with our product!". But we're talking about a feature of a product here, not an entire product that only gets 1% of a market's userbase.
0.1% here, 1% there, another 10% over there - all of these features add-up to create a great product that everyone loves because of the aggregate of features but also because of that "one" feature they love individually.
Another thing to remember is that the enthusiasts are the market-builders. You can't just win with a product that surveys well with 80% of the market. I don't think most of the phone or smartphone customers in 2007 wanted a touchscreen phone. Probably (well, literally, actually) only 1% of the market wanted it then.
Also, we don't know how important this feature could be to gain Google more trust. Telegram for instance has gotten promoted as a private messenger that uses end-to-end encryption - and yet its end-to-end encryption isn't even enabled by default (so same scenario that I was talking about), while its "normal" encryption is probably worse and less secure than what Google uses for Hangouts.
I'd argue that Google implemented it because they don't want their product to be implicated in a high-profile attack; if someone disappeared because their Gmail credentials were phished, it could easily blow back on Google and contribute to a perception that Google services are fundamentally insecure.
It might be a harder sell to implement E2E crypto, although perhaps the same argument might apply some day. The notifications are probably just low-hanging fruit.
