Follow PGP/GnuPG is widely criticized by usability folks, but *that* is a place where it should be more deployed.

Pretty easy for e-commerce platforms to have an option for uploading PGP keys end encrypting all notification emails with them.

