Three reasons why all messages sent over a network are not encrypted-
- Not seen necessary
Low-key data which doesn’t cause any losses due to inaccuracy (no integrity), unavailability, or distribution (no confidentiality) may not require the overhead and investment of encryption by the author/owner.
E.g. General blog sites, freely provided digital entertainment etc.
- Technical negligence and/or ignorance
Despite technical giants, like Google1, pushing for all websites to go the ‘https’ route, companies are still in the unencrypted ‘http’ realm due to lack of technical awareness, lack of risk comprehension, or lack of funds and resources to upgrade.
- Law
The laws of certain countries and states do not allow for all data to be encrypted, as the Government deems it necessary to be able to monitor networks as part of security services. For instance, prevents end-to-end encryption of email services offered by server hosted in the country may not be legally permitted