| ▲ | streetfighter64 2 hours ago | |
Yes they do (the storage of your emails on their servers, that is). See this comment for a summary of their claims and reality https://news.ycombinator.com/item?id=47625229 Edit: A reply to your misunderstanding and accusation below: What do you mean? By "provide your emails to others" I obviously mean the email *contents*, not the email *address*. (Which I also clarified with "the storage of your emails on their servers"). You know, the very thing that is almost the whole selling point of Proton: that they keep the contents of your emails encrypted so "only you" can access them. > Proton Mail protects the contents of all your messages with zero-access encryption, meaning no one can read them except you and your recipients. Messages you send to other Proton Mail accounts are always end-to-end encrypted, as are emails sent to non-Proton Mail accounts when you use Password-protected Emails. https://proton.me/security/end-to-end-encryption Also, what in the SMTP protocol requires Proton to *store* that metadata? Could they not simply delete it after using it (or, crazy idea, encrypt it in the same way the message contents are encrypted in storage), so they would be unable to respond to law enforcement requests the next week, say? They did also previously claim that they didn't log user's IP addresses. Why would they claim something like that, if it's "obvious to anyone who knows" that it's a false claim? Marketing aimed towards their not so technically savvy userbase? https://www.theregister.com/2021/09/07/protonmail_hands_user... Let me also remind you that I was replying to a question about "how would it technically even be possible" to "offer loads of your private data when ordered". My reply was, it's easily possible for them to offer your metadata, and you still need to trust their claims about heir implementation of E2EE to believe they won't offer your message contents. You're very quick to accuse people of spreading misinformation. Let me hit back with an accusation of my own, which is that Proton's PR team have a habit of regularly trying to discredit any critique as "misinformation". Perhaps you've just read too many of their rebuttals? | ||
| ▲ | 0x3f 2 hours ago | parent [-] | |
They simply don't. Please stop spreading misinformation. https://proton.me/mail/privacy-policy > Account Activity: Due to limitations of the SMTP protocol, we have access to the following email metadata: sender and recipient email addresses, the IP address incoming messages originated from, attachment name, message subject, and message sent and received times. This would be obvious to anyone knows how email works. It would be very silly for them to claim otherwise. | ||