If by decrypt when the user downloads
means that the server just spits out a decrypted GPG pipe, and sends plain text over the network to the client, that is fairly easy, but I would'nt call it secure. Anyone can see all your files by sniffing the network.
So you are stuck sending information thru GPG encrypted mail, because I don't think GPG has a browser plugin to decode web content. Another limited option would be making GPG encrypted files available for HTML download.
You could just implement the old "Caesar's Cipher" for encryption... ;-)
But it isn't Perl, so all I will do, is leave it at that. From what I understand, someone is working on something similar for Perl, call Perlito, but I doubt it will ever eclipse the geniuses at M.I.T who produced Processing and Processing.js.