I am paranoid by nature. I lock my desk; I have a safe deposit box; my wireless router is password-protected; my passwords are, whenever possible, at least 12 characters long and randomly generated. I would never even dream of sending any important information on a postcard.
So why, I wonder, are my clients sending me their documents via unencrypted e-mail and why do they expect them back the same way?
E-mail is inherently insecure. The message content, as well as the attachment content, can be intercepted and read by anyone at any point along the transmission path. In addition, content can be altered and the recipient wouldn’t even know. And to make things even worse, the sender of a mail message can be easily faked.
This means that sending important or even sensitive information by e-mail has several strikes against it: (1) It can easily be read by people other than the recipient; (2) the recipient cannot be sure that the sender is really the person who appears as the sender in the e-mail; (3) the recipient does not know whether the content is really the original content or whether it has been altered in some way. Ergo, sending information via unencrypted e-mail is even worse than sending it on a postcard.
If the clients don’t care about this lack of security, why should I worry? As Gabi Zöttl pointed out in a recent blog post, secure transmission of documents and information not only protects clients, it protects translators as well. Whether I have signed a non-disclosure agreement or not, encryption of my e-mail communication may just be what saves me in case of a security breach.
I have been offering PGP encryption (for Mac here) for more than ten years (read the Wikipedia article on PGP), and as unbelievable as it sounds, in all this time none (zero) of my clients has asked for encryption of e-mail transmissions – despite insistence on sometimes very strict non-disclosure agreements and transmission of sometimes highly confidential material.
It is easy to believe that when I send e-mail to someone I have a discrete, isolated connection from me to that person and that I can safely send whatever I want through that connection. Unfortunately, reality it different. Encryption needs to have a much more prominent place among the tools of translators – not only to protect the integrity of the sent material, but also to protect the translator from claims of negligence.