Why use PGP encryption?

For the majority of people, the first question they ask with regards to file or email encryption is "What's the point? If I'm not doing anything wrong, then what do I have to hide?"

But a counter question is "Do you have to be doing something wrong in order to suffer from someone else's attention towards you?"

There are any number of various situations in which real harm could potentially come to you if the opinion or information you gave to one person were to be read by another. Some examples:

• Credit card information. (e.g.) sale orders by email. Do you really want the owners of any computer between you and your recipient to know what your credit card number is?
• Business plans. The European aerospace company "Airbus" has alledgedly lost major contracts due to the interception of electronic communications by the U.S. government's Echelon information gathering network, when Airbus' bids for contracts were forwarded to their competitor, Boeing.
• Political dissent. Do you agree with every decision your government makes? What if you were forbidden to ever express your opinion openly? Were you aware that the Russian and Chinese governments place great restrictions over the open use of encryption? What does that say about the usefulness and importance of encryption in protecting the expression of dissent?
• Workplace dissent. Many workplaces currently monitor their employees' email, and some employees have been fired because of personal opinions about a manager or the workplace in general, which was expressed in email to a coworker and later intercepted and read by management. Similarly mailing list participants have been known to become banned from mailing lists because a personal email was sent accidentally to a mailing list, and made available for all to read.
• Distribution of open-source software. With open-source software freely available, and often mirrored at different sites, you want to be sure the program you are downloading is the one you think it is. Using digital signatures provides this kind of confidence. Debian, for instance, requires all its package maintainers to use PGP to sign packages when uploading them to the main Debian pool.

Most likely you can think of other situations where you would not appreciate what you are saying to become common knowledge to anyone other than the intended recipient. Part of the problem lies in the nature of internet and email communication. The internet route a message takes towards its destination can cross a dozen or more machines, any of which can copy and read that message. Likewise the message is stored and handled by a number of different mail handling machines before finally arriving at the destination.

A common analogy is the difference between sending a letter and sending a postcard. The postcard is open for any postman, mail handler, neighbour, to read. A letter, on the other hand, is safely enclosed inside it's envelope, and you will know if it has been opened and read (unless particular great expense has been applied to read it without your knowledge). When you send mail, do you always write everything on a postcard, or do you securely enclose your letter inside an envelope?

PGP encryption may be likened to placing your letter inside an envelope, safe from prying eyes, albeit an envelope with the strength of a safe.

But for me personally, I just like the idea of encryption because it's cool ;)