I have limited knowledge about the specific laws governing various services like VPNs and email providers. For instance, within the Proton ecosystem, there is a belief that VPN services should retain minimal or no user information. If I utilize Proton VPN through my Proton account, which is linked to Proton Mail and other Proton services, there may be some legal requirements for email providers to disclose IP addresses to law enforcement upon request. Consequently, it is recommended to use a VPN when accessing email services. However, if I use Proton VPN, which falls under the same Proton umbrella, could Proton be legally obliged to provide information about my real IP address or other related data? Since all these services are operated by one company and connected to a single Proton account, is it possible for data from one service to be used to identify me on another service?
Essentially, my concern is that if Proton were compelled to do so, it could potentially gather data from the multiple services I use and surrender it. While using Mullvad to access Proton Mail seems safe from this perspective, what happens if I use Proton VPN to access Proton Mail?
Are proton vpn and proton mail treated as 2 different companies or multiple offerings of the same company?
“Depending on the nature of your case and which country the request is originating from, Proton AG may redirect you to competent Swiss authorities in order to respect the relevant Mutual Legal Assistance Treaty (MLAT) or your local international police cooperation organization.”
" Please note that in no case will Proton AG provide you with data directly following contact. If any data can be requested, it will always be transmitted through the Swiss authorities."
IMO, By the time your government contacts the swiss authorities I think your in the Proton AG ecosystem and it’s all over.
If you are using Proton VPN, then no. The VPN is a separate service governed by a separate law and they don’t collect your IP to begin with. I recommend checking our Proton’s separate privacy policy for Proton VPN and Proton Mail, along with their general policy - these should help you more. If you’re still stuck, reach out to Proton as I have asked them very specific questions regarding how the service works and they were able to provide a great answer.
Proton is based in Switzerland. Switzerland has an exception to their email data retention law for Proton - “Switzerland only applies data retention to the largest Internet service providers with over 100 million CHF in annual Swiss-sourced revenue. This notably exempts derived communications providers such as ProtonMail, a popular encrypted email service based in Switzerland. [76]” ~ Wikipedia - Data retention - Wikipedia. On top of that, as I have already said, check out Proton’s policies as they should help clarify.
