You can now instruct Facebook to encrypt every email it sends to you so nobody — not even the NSA — is likely to be able to read your messages anytime soon. All you have to do is import your public PGP key into your Facebook settings and you’re good to go.
The problem here, of course, is that most people have no idea how public/private key email encryption works and how to even get started with it. In the wake of Edward Snowden’s leaks, a number of organizations, including Google, promised to completely hide the complexities of end-to-end email encryption from regular users. Very few of these products have materialized so far, however — not for lack of trying, but because this is actually a very complex problem, both from a technical and user experience perspective.
Facebook uses the well-established PGP scheme (the GNU Privacy Guard implementation of OpenPGP, to be precise) to encrypt messages and tools like Mailvelope for Gmail users now make it a bit more straightforward to generate and manage keys in order to read and write encrypted emails. It’s still by no means a completely trivial procedure, and you still need to have a basic understanding of what you are doing.
Facebook acknowledges as much and points potential users to the Electronic Frontier Foundation’s introduction to PGP. Sadly, Facebook made no attempt at hiding the complexity of using PGP, so it’s unlikely that many regular users will actually sign up for it.
The company says
it’s rolling out this new feature slowly the feature is now available globally. If you want to see if it’s available for your account, head to your Facebook settings, look for the contact info section and you should see the option to add a PGP public key.