• unexposedhazard@discuss.tchncs.de · 39 up, 30 down · 23 hours ago

    Oh ffs. We have known for years that Proton is just a for-profit company like any other. They don't give a fuck about you or your privacy. They never have and they never will.

    • _cryptagion [he/him]@anarchist.nexus · 47 up, 3 down · 22 hours ago

      For profit or FOSS, they can’t ignore the Swiss government. It’s fucking stupid that people put this ridiculous standard on them like they’re able to just tell the Swiss no and face no consequences.

      If you were in their position, you would roll over too, and if you claim otherwise you’re just straight up lying.

      • Leon@pawb.social · 26 up, 9 down · 22 hours ago

        1. Authoritarian regime decides that being critical of the regime is illegal and makes laws to support this.
        2. Activists use Proton for privacy.
        3. Regime demands that they give up data on activists.
        4. Proton complies with the laws.

        That’s the issue.

        • ook@discuss.tchncs.de · 23 up · 22 hours ago

          What data? Here it is the IP address and only under order by authorities.

          I feel ever since the social media shitstorm people love to pile on Proton for anything. They never said they won’t comply with law enforcement, did they?

          • Leon@pawb.social · 13 up, 7 down · 22 hours ago (edited)

            > What data? Here it is the IP address and only under order by authorities.

            Whatever they gather. It says as much in the article; they started recording IPs once a request by the Swiss government came through.

            > ProtonMail can’t directly share data with foreign governments. In fact, doing so is illegal under Article 271 of the Swiss Criminal code. The police gained access to the IP address because Swiss authorities chose to cooperate with the French government. ProtonMail also points out how Swiss authorities will only approve requests that meet Swiss legal standards.
            >
            > Under Swiss law, ProtonMail should notify the user if a third party makes a request for their private data and if the data is for a criminal proceeding. However, there’s a big catch/loophole here. On its law enforcement page, ProtonMail highlights that the notification can be delayed in the following cases:

            That’s based on the currently available laws. So if a law gets drafted that says “if we suspect someone to be complicit in criminal activity we want you to gather more data” we should just be fine with that because the authorities say so? Because the authorities are always infallible and incorruptible, right?

            The details of this individual case aren’t the problem, it’s the precedent it sets that is. When Mullvad got raided for their logs there was nothing recovered because they don’t store anything. Proton stores things based on if the authorities ask them to, and when they find out that it wasn’t a terrorist or child-trafficker they go “woops we had no idea the account belonged to a climate activist.”

            The authorities aren’t infallible. Some years back here in Sweden we had police raid, physically abuse, and kidnap a guy they suspected was a pedophile because he’d sent images of him and his 30-year-old boyfriend having sex via Yahoo Mail. There’s no reality where this man should’ve been fucking beaten up and traumatised the way he was, but it happened, and there was no recourse for him. Nowhere down the chain of responsibility did anyone get reprimanded or investigated for misconduct.

            Complying with the law is such a bullshit fucking excuse.

            • Wildmimic@anarchist.nexus · 13 up, 1 down · 21 hours ago

              ProtonMail does not log things by default, but they can still be court ordered to do so by Swiss authorities - if you want to run any business at all, you have to submit to a jurisdiction, you can only choose which one to run under. And even if your chosen authority is alright by itself, it can still be misled by other jurisdictions like the French did, using the terror-cudgel against climate activists.

              I can also recall that in this case Proton said that had their user actually bothered to use any VPN, even Proton’s, there wouldn’t have been anything to give to authorities except for an exit node IP.

              • Leon@pawb.social · 4 up, 5 down · 21 hours ago (edited)

                > Proton said that had their user actually bothered to use any VPN, even Proton’s, there wouldn’t have been anything to give to authorities except for an exit node IP.

                “She shouldn’t have dressed that way.”

                Proton could do better, and it’s ridiculous that there are people out here okay with them not doing better.

                • Arcka@midwest.social · 2 up · 16 hours ago

                  > Our legal entity is in Sweden, where the law does not allow for any government to force us to spy on our users.

                  You’ll agree that Proton doing better would require them to move to a different country, right?

                  Also Mullvad doesn’t offer email accounts, does it? Seems that they couldn’t have a ‘no user data’ policy if they did since the emails would be exactly that.

                  • Leon@pawb.social · 1 up, 2 down · 15 hours ago (edited)

                    > You’ll agree that Proton doing better would require them to move to a different country, right?

                    I’m okay with this. Sweden isn’t exactly known as a bastion of freedom. Our current minister of equality (Liberals) is pushing for a porn ban. The EU proposal colloquially called “Chat Control” was originally put forth by the Swedish EU Commissioner Ylva Johansson who belongs to the Social Democrats.

                    > Also Mullvad doesn’t offer email accounts, does it? Seems that they couldn’t have a ‘no user data’ policy if they did since the emails would be exactly that.

                    You’ll forgive me if I don’t feel like it’s productive to repeat myself, but if you genuinely care for a response you can view it here: https://pawb.social/comment/18804733

                    Have a good one.

            • _cryptagion [he/him]@anarchist.nexus · 9 up, 2 down · 21 hours ago

              > Complying with the law is such a bullshit fucking excuse.

              Yeah, they should just go to prison for someone they don’t know and had nothing to do with, that’s the only answer we should be ok with!

              Do you hear how stupid that sounds?

              • Leon@pawb.social · 3 up, 9 down · 21 hours ago

                Right, because corporations are widely known for going to prison when they break the law. Where exactly did they imprison Facebook for interfering in elections? Running illegal experiments on people? Pirating books and pornography? Surveilling children and selling their data?

                Look at Mullvad. They’ve denied access to their data multiple times, they got raided, and nothing of use was recoverable. That’s what respect for privacy looks like. Proton could set their infrastructure up in this fashion, but instead they’ve chosen to just hand out user data freely.

                  • Leon@pawb.social · 2 up, 5 down · 21 hours ago

                    So Proton’s no-log policy is an apple and Mullvad’s no-log policy is an orange, is what you’re saying?

            • Ulrich@feddit.org · 7 up, 1 down · 21 hours ago

              > When Mullvad got raided for their logs there was nothing recovered because they don’t store anything.

              Mullvad is not a mail provider…?

              • Leon@pawb.social · 1 up, 7 down · 21 hours ago

                They both have no-log policies. One is “we never log” and the other is “we log sometimes”. Do you see the difference?

                • Ulrich@feddit.org · 11 up · 21 hours ago (edited)

                  The difference is that they’re different products with different technical requirements.

        • Ulrich@feddit.org · 11 up, 2 down · 21 hours ago

          So Proton should refuse to comply with the law and have to close their entire business?

          • mjr@infosec.pub · 3 up, 2 down · 20 hours ago (edited)

            I don’t know about ‘should’ but wasn’t that the impression their marketing tried to give? Or at least that they would fight to defend user privacy for noble activists? But when challenged, its owners seem to have folded quicker than a strapontin.

              • mjr@infosec.pub · 1 up, 2 down · 20 hours ago

                > Nothing in their marketing says they’ll refuse to comply with lawful orders.

                Maybe not now, but it used to say ‘your privacy comes first’ which certainly gave the impression privacy would be more important than blindly believing and obeying courts.

                Thanks for the link to their report.

                • Ulrich@feddit.org · 2 up · 18 hours ago (edited)

                  Privacy is not binary. It lives on a spectrum. On one end you have Proton and Tuta. And on the other, Gmail, Outlook, Yahoo, etc.

                  • mjr@infosec.pub · 1 up, 2 down · 18 hours ago

                    For sure, I know this, but privacy does not come first for any of them and it was wrong of Proton ever to say it did. To them, their survival comes before yours, so they will betray you to the Swiss courts if needed.

        • lauha@lemmy.world · 4 up · 20 hours ago

          A legal entity that doesn’t comply with the law is simply not possible. If you think otherwise, you’re being really naive.

          • mjr@infosec.pub · 1 up · 20 hours ago

            And yet, legal entities are often found guilty of not complying with the law. I think people were expecting Proton to at least try to fight a morally-questionable court order.

      • mjr@infosec.pub · 9 up, 9 down · 22 hours ago (edited)

        They said things that led the unwary to trust they wouldn’t. Remember, this isn’t some terrorist mass-murderer they handed over, but apparently an anti-gentrification youth activist linked to Greta Thunberg’s campaign groups.

        Edit to add: in particular, Proton used to claim ‘your privacy comes first’ but this case suggests in reality, the Swiss government’s help for French police comes first.

        • _cryptagion [he/him]@anarchist.nexus · 13 up · 22 hours ago

          Proton never says they won’t comply with orders from the Swiss government. You won’t find that claim anywhere on their website, any more than you’ll find it on Tuta’s website.

                • _cryptagion [he/him]@anarchist.nexus · 3 up · 19 hours ago

                  of course they are, and that’s a good thing. because there’s a lot of people in the comments here that mistook privacy for anonymity and expect Proton to break the law for them out of principle. which, quite frankly, is unfair to Proton because I’m willing to bet none of the people in this thread would be willing to do that if they were in Proton’s position.

                  • village604@adultswim.fan · 3 up · 17 hours ago

                    Not to mention that if Proton refused to comply and got shut down, they’d be screwing over all of their customers.

      • unexposedhazard@discuss.tchncs.de · 2 up, 1 down · 20 hours ago

        I never said anything about complying with laws, people just interpreted it that way. Of course everyone will comply with local laws or secret government orders that come with threats of imprisonment. I don't know if Proton was required to log this data in the first place, but if they were then this specific situation is not their fault.

        The issue with Proton isn't that they follow laws, but that they portray themselves like they are better or more private than others when they are just not. Bigger = worse in the tech world. Whenever too many people are using services of a single company, it becomes an attractive surveillance target.

        What I'm also annoyed about is people being surprised by this and these headlines that make it look like it's some sort of betrayal. You should always be worried about your privacy when you put data on a computer that isn't in your physical possession. Proton isn't trustworthy because nobody is trustworthy except yourself.

    • rozodru@pie.andmc.ca · 12 up, 16 down · 22 hours ago

      it’s always disappointing when people all about FOSS and shit suggest Proton to people looking to switch from Google. no, don’t do that. use Tuta or self host or ANYTHING other than Proton. it’s such a shit company that does not deserve the praise they receive.