Facebook can end-to-end encrypt email notifications using your public PGP key. Because ProtonMail uses, and is interoperable with, PGP, taking advantage of this important security feature is easy if you have a ProtonMail account.
Why enable PGP-encrypted emails from Facebook?
Facebook notifications can contain a great deal of private, sensitive information. For example, they can contain Facebook password reset links or details about who has messaged you on Facebook.
Encrypting Facebook email notifications using PGP does not hide this information from Facebook, but it does prevent third parties, such as your ISP, your workplace network, or a government agency, from accessing them.
Isn’t it a security risk to give my public key to Facebook?
No. Your public key is exactly that, public. You can share it without compromising the security of your ProtonMail account. By sharing it, you enable others (such as Facebook) to send you encrypted messages.
How to enable PGP encrypted emails from Facebook
1. Download your ProtonMail public key by logging in to account.protonmail.com and going to Settings → Encryption & keys. Choose which key you wish to use (if you have more than one) and click Export in the Actions column.
Note: Unfortunately, Facebook does not accept the Curve25519 elliptic curve used by our ECC keys. If your existing Key type is ECC (ed25519) then you’ll need to create a new key. To do this, click the Create key button and generate a 4096-bit RSA key.
2. Open the public key you just downloaded in a text editor. Select the entire text (Edit → Select all in most text editors) and Copy it to your clipboard.
3. Log in to www.facebook.com using your browser and go to Account (downward-facing arrow at top right of screen) → Settings & Privacy → Settings → Security and Login → Advanced → Encrypted notification emails.
Paste the text you copied in Step 2 into the box that says Enter your OpenPGP Public Key here.
Click the checkbox to Use this public key to encrypt notification emails that Facebook sends you and click Save changes when you are done.
4. Facebook will send you an encrypted email notification asking you to confirm that you want it to send you PGP-encrypted notifications. Click Yes, encrypt notification emails sent to me from Facebook to confirm.
Your email notifications from Facebook are now secure.