Today, Facebook have added a new encryption features to the users profiles for enhancing email security. As users always get the email notification from Facebook side and these emails also include content of message, so this should be secure and private.
What is PGP Key ?
Facebook is using PGP (Pretty Good Privacy), an open standard widely used for email encryption. Each user has a public key and a private key; both are similar to what you might see generated from password platforms such as LastPass. Anyone with your public key can send you a message, and you use your private key to view it.