For all the Proton fans
-
We want to first clarify that Proton did not provide any information to the FBI, the information was obtained from the Swiss justice department via MLAT. Proton only provides the limited information that we have when issued with a legally binding order from Swiss authorities, which can only happen after all Swiss legal checks are passed. This is an important distinction because Proton operates exclusively under Swiss law
I don't use Proton products at all (not for any idealist reasons), but I don't really think this can be much of a condemnation of the company. I don't know what else you can expect them to do in this case.
edit: That said, the real takeaway is that if you want to remain anonymous to a service that can be compelled to hand over data about you (read: more or less any service you might want to use), you should not pay with a credit card linked to your actual name, you should not access it from your home IP address, and you should not use it in any way that links it to your real self.
Proton is security focused, but even they are bound by the laws of the country they operate in. Use TOR, use E2EE, pay with cryptocurrency, maintain hermetic separation between your anonymous and public selves, etc.
@taylor @skinnylatte Really surprised that 404 would give it such a hyped headline if that's all it's about.
I don't think even proton's vpn service claims that they can't be compelled to give over the payment details and account information of your VPN account.
This isn't information they've claimed they will or can secure against being compelled like this.
-
@r3dr3clus3 @skinnylatte If you don't have the data, you can be ordered to give it up by whomever, and you can't. Proton mail claims privacy, but it in fact saves enough data to identify a single individual.
The headline is not biased. Proton claims things they actually can't uphold. This is not the fault of the customer. Stop blaming the victim.
@Pyrogenesis @r3dr3clus3 @skinnylatte
Privacy does not mean you can’t be identified. That’s anonymity. Privacy means your content is for you and the intended recipients only.
Proton does not advertise anonymity. There is a difference, and that’s important to know as a consumer. -
@k3ym0 @skinnylatte I mean yeah, but I'll put it this way: Proton sells its service on how unbelievably private it is and how they'd never give away your identity. When they turn around and do it, it stings far more than another company who never made those promises doing the same. Kinda like Target and DEI: it was a complete 180 from the way they'd sold their brand.
@serebit @skinnylatte what got him was paying for his “anonymous” account with his Platinum Visa like a normie buying socks on Amazon.
Proton handed over the payment identifier, Swiss authorities passed it to the FBI, and suddenly your anonymity has a name on it.
if you’re not paying with Monero or cash, you don’t have an anonymous email. you have encrypted email with a billing address. those are very different things.
-
For all the Proton fans
@skinnylatte displeased as I am about this event, I will contend that you aren't an anonymous anything if you use your US credit card to pay for a service directly. all the banks have anti-"terrorist" KYC going on and if the credit card is associated to a US bank, there it is.
-
For all the Proton fans
@skinnylatte love that all the replies are circlejerking defending proton like their product doesn’t kind of suck to use, cost too much and not actually have many real security benefits.
Not to mention the weird swiss technolibertarianism of their CEO.
-
@freediverx @boojum @skinnylatte That they will protect your privacy to the limit that they legally can, perhaps? A privacy-focused email provider that doesn't abide by the laws of the country they operate in stops existing pretty quickly.
If they can't structure their service in a way that avoids the collection and storage of personally identifiable customer data, then they have no business claiming they offer privacy. This is like charging a premium for the world’s most secure door lock when a burglar can easily enter your house by breaking a window.
-
@skinnylatte love that all the replies are circlejerking defending proton like their product doesn’t kind of suck to use, cost too much and not actually have many real security benefits.
Not to mention the weird swiss technolibertarianism of their CEO.
@skinnylatte Fastmail is right there for less money with better features, and they don’t lie to you about how they’ve made a relatively insecure protocol more secure!
-
For all the Proton fans
Without following their countries laws …?
-
For all the Proton fans
@skinnylatte Anyone who thinks Proton, Tuta or any other company is going to disobey a court order to protect a user is delusional. Proton states upfront that for absolute anonymity, use a free account (or pay with cash or whatever) and only connect using their onion site. They've never given up the content of emails (cause its encrypted in such a way that they can't access). They've never given any log info for VPN use (cause they have a strict no logs policy). Its as simple as that.
-
@serebit @skinnylatte what got him was paying for his “anonymous” account with his Platinum Visa like a normie buying socks on Amazon.
Proton handed over the payment identifier, Swiss authorities passed it to the FBI, and suddenly your anonymity has a name on it.
if you’re not paying with Monero or cash, you don’t have an anonymous email. you have encrypted email with a billing address. those are very different things.
This really should be front and centre of the discussion. They complied with a valid Swiss court order, as stated on their ToS.
The account holders opsec is the issue if they required full anonymity (possible? Another discussion).
This whole thing is the same as the statement "Your VPN provider won't go to jail for your $5".
If they were served with an administrative warrant from an out of jurisdiction LEA and complied, then WAY more to be upset over.
-
@kDelta @WakinUniverseJo @skinnylatte Forwarding is free, hosting/sending isn't. It's only $3 a month though.
-
For all the Proton fans
@skinnylatte This...seems perfectly normal? Like, what was Proton's alternative here?
-
For all the Proton fans
@skinnylatte Whats the problem? Court order said give the info, they gave the info. They're not a pirate email provider operating in international waters in a submarine disguised as a whale.... they're a business who focuses on privacy.
-
This really should be front and centre of the discussion. They complied with a valid Swiss court order, as stated on their ToS.
The account holders opsec is the issue if they required full anonymity (possible? Another discussion).
This whole thing is the same as the statement "Your VPN provider won't go to jail for your $5".
If they were served with an administrative warrant from an out of jurisdiction LEA and complied, then WAY more to be upset over.
@chroma0 @k3ym0 @serebit @skinnylatte exactly, why is it so hard for people to undertsnd this? guess from a US lens they look at it, oh my local cop without even a magistrate warrent got everything from the us corp, so court orders in another county holds the same weight as that email the cop sent through.
-
For all the Proton fans
@skinnylatte goddammit!
-
@r3dr3clus3 @skinnylatte If you don't have the data, you can be ordered to give it up by whomever, and you can't. Proton mail claims privacy, but it in fact saves enough data to identify a single individual.
The headline is not biased. Proton claims things they actually can't uphold. This is not the fault of the customer. Stop blaming the victim.
@Pyrogenesis "The headline is not biased" - so I'll ask again: Did Proton help the FBI? Or did Proton comply with a Swiss Court Order, and the Swiss government helped the FBI?
A more unbiased headline might be, "Proton turns over user payment information because of Swiss Court Order".
I'm not blaming a victim. I'm demanding better activism. We live in a world where organized activism is becoming more and more crucial, and it's the responsibility of activists, especially those organizing activism, to understand the capabilities and limitations of their communications networks.
I'm not blaming anyone. I'm saying I want people to realize that it doesn't matter if this was Proton, or Tuta, or some other "private" service, and realize that they are all beholden to legal systems that determine the minimal amount of data that must be collected, the length of time it has to be retained, and how personally identifiable that information is.
So if I'm "blaming the victim" by saying, "There is a valuable lesson to be learned here, and it's not just dunking on Proton" then sure, that's what I'm doing and I stand by it.
EDIT
For anyone going, "tHiS iS wHy I uSe TuTa!", here's a link to a page with a big red banner that Tuta rejected 75% of all court orders in 2025. Which is very cool, don't get me wrong - that's super cool - but what are those other 25%?
https://tuta.com/blog/transparency-reportAm I more into Tuta than Proton at this point? Yep. Do I think Proton was really the issue this time? Nope.
Stay sharp.
-
For all the Proton fans
@skinnylatte Their AI bs made me leave. Moved over to Tuta.
-
@skinnylatte Their AI bs made me leave. Moved over to Tuta.
@thestrangelet yeah this is my actual problem with them. No company is gonna refuse a court order from the government they operate under. I’m a paid proton account girl rn but I’m maintaining my tutamail and may switch due to the genAI pushing in proton.
-
For all the Proton fans
@skinnylatte they also did that to a climate fan. I've long said like Telegram is not so private as people think - use systems like cyberfear (and their related email system).
-
For all the Proton fans
@skinnylatte @protonprivacy ¿Explanation?
