Facebook will now allow for PGP-encrypted emails, the site announced today. The feature will affect the standard account maintenance emails Facebook currently sends, alerting users to private messages, password changes, and other account notifications. Since some of those notifications may be sensitive or involve a sensitive account, encryption will ensure no one can read the content of the messages without the corresponding private key. They had previously been encrypted over the network through HTTPS, but this would additionally conceal them from email services like Gmail and Yahoo, which regularly scan user inboxes for ad-targeting purposes.
Users who want to receive those emails in encrypted form can upload a public key in the Contact Info section of the About page. Facebook will also display your PGP fingerprint as part of your contact info, in case anyone wants to send you encrypted mail. GNU's PGP tools (GnuPG) are available for download and will guide you through the process of generating public and private PGP keys.
Facebook's new feature is particularly useful in conjunction with the Tor site that Facebook rolled out in October. Together, they provide an effective way to use Facebook without revealing your identity, connecting through Tor and maintaining the account through encrypted emails. Any emails sent under the system will clearly be from Facebook, but won't reveal which account they're sent in reference to, allowing the user to receive alerts without breaking anonymity. It's a potentially crucial feature for activists and journalists in oppressive countries, looking to use Facebook under a pseudonym without revealing themselves to the network.