Encryption is basically using a code to hide your data. When you were young, you may have used a hidden language to pass notes to your friends in class. Maybe A=1, B=2, etc. This is, technically, a type of encryption. More modern encryption protocols, like Signal and AES are significantly more complicated but at the core the concept is the same: replacing easily understood words with complex substitutes that can - ideally - only be reverted with a “key,”. In the grade school example I gave earlier, the “key” is knowing that A=1, B=2, and so forth. In more advanced software encryption, the key takes the form of you your password. Please not, this is a tremendously oversimplified explanation.
Encryption is a central concept in this section as well as privacy and security in general. When a local device is not encrypted, anyone can plug it into a computer and freely read the contents. For online and communication services, we want a specific type of encryption called “End-to-End Encryption,” also known as “zero-knowledge” (or E2EE or zero-access). I mentioned on the last page that most of the internet is already encrypted, but only between your device and the provider’s server. If you use Gmail, Google holds the encryption keys allowing them to read your emails any time they want. This way of doing things leaves your data easily readable by any unauthorized party who gains access, be it a data breach or a rogue employee. E2EE messages can only be read by you and the recipient, provided you used the service correctly.
Encryption can and should be used in a variety of situations. It can be used to protect communication, like in encrypted emails and messages, or it can be used to protect data at rest like an encrypted hard drive or zero-knowledge cloud storage provider. As we continue through this section, remember that: when dealing with devices, demand encryption. When dealing with online services, demand end-to-end or zero-knowledge encryption specifically.