| ▲ | Tadpole9181 3 hours ago |
| From every instance I've seen, Proton has only ever done what is legally required of them by a warrant. They do not get to say no when asked to turn over what they do have; which is going to be things they can't avoid storing - like email addresses or recurring payment information an account has. But they don't store logs and all actual data is E2E / at-rest encrypted, so that data does not exist for them to give away. There's no master key or back doors. |
|
| ▲ | mossTechnician 2 hours ago | parent | next [-] |
| The problem is the gap between marketing promises and realities. Proton markets itself as a safe Swiss product[0] for activists[1], but the reality is their accounts often expose more than a casual user may expect, like a secondary email address[2] (often required to sign up) or payment info[3]. The Swissness is even more suspect according to this article, if it's true that they rely so heavily on American infrastructure and don't responsibly disclose this even in their privacy policy. [0]: https://proton.me/blog/switzerland [1]: https://proton.me/blog/protesters-free-speech [2]: https://www.theregister.com/2024/05/13/infosec_in_brief/ [3]: https://slashdot.org/story/453084 |
| |
| ▲ | Tadpole9181 2 hours ago | parent [-] | | This seems unreasonable. The entire point of Proton is that they themselves cannot access your data, that's how I've seen it advertised. The Swiss thing is more just that they can't be compelled to enable logging. (To be fair, though, maybe that's changed. it's been a while since I saw their home page and I don't exactly make a habit of disabling my adblock). But I don't see how any reasonable person would not know that the email addresses and payment information that Proton must have access to would therefore be subject to disclosure to law enforcement. And for the vast majority of people, they aren't exactly on a tight watchlist where intelligence agencies are making thread boards to catch them committing for international crimes to make this matter. Anyway, I especially don't understand the flack they get on this forum with people who do understand and should understand how hard it is to advertise technical features to normies. Normal people aren't cyber criminals who needs to hide every spec of their trail from all governments. They just want to feel like no one is reading their messages or Internet history or passwords. Proton offers that, full stop. | | |
| ▲ | mossTechnician an hour ago | parent [-] | | A recovery email address is your data, and a company that prides itself on encryption could figure out a way to hash it too. Maybe I'm just below average here, but I expected that from them at a minimum. I was shocked to discover they didn't bother. It's not unreasonable to think Proton should significantly tone down promises like "We support peaceful protest" while seriously downplaying what they will turn over[0], or promising "We are... committed to defending your freedom" on their homepage[1]. It's certainly reasonable to have a complete list of data processors in their own privacy policy. [0]: https://proton.me/blog/protesters-free-speech [1]: https://proton.me/ |
|
|
|
| ▲ | throwaway27448 2 hours ago | parent | prev | next [-] |
| This isn't much comfort when the swiss government bends over and takes other states up the ass at the slightest issue, eg https://www.404media.co/proton-mail-helped-fbi-unmask-anonym.... Why on earth is the swiss state acting like stooge for the fbi? Tell them to go fuck themselves like a normal person. PGP/GPG (can never remember the difference) is the only privacy solution worth a damn and proton is just a gmail alternative with a nice interface. |
|
| ▲ | harimau777 2 hours ago | parent | prev [-] |
| If they advertise that they will protect their users privacy, then I don't see how complying with government snooping is an excuse. Either provide what you say you will or don't say that you will provide it. |
| |
| ▲ | Tadpole9181 2 hours ago | parent [-] | | Proton has never said they will refuse a warrant for what your email address or recovery account are. They say that the contents of your emails, calendars, notes, passwords, etc are not accessible to them and therefore cannot be spied on even if a warrant is fulfilled. | | |
| ▲ | mossTechnician an hour ago | parent [-] | | Proton's homepage says: We are a neutral and safe haven for your personal data, committed to defending your freedom. |
|
|
