Why people misunderstand Proton Mail & The Activist

I still see loads of people going on about how, ‘Proton isn’t safe, they log IP Addresses’, etc…

When in reality, Proton (Proton AG) is a registered company in Switzerland that has to follow and abide by Swiss law or else they could be fined or even shutdown.

In this case Proton received a un-appealable request from Europol through the Swiss courts for a users IP Address.

This made headlines. Many people started to spread; ‘Proton isn’t safe’, ‘Don’t use it’, etc…

Without releasing that if the user in question used Proton VPN (which has a free tier), under Swiss law they could not log any IP Addresses and could only give the IP Address of the VPN server to the courts. The user could also have used Tor to access Proton services.

So, if you are wondering whether to trust Proton or not…

Short Answer:

Yes, you should trust them.

Long Answer:

Yes. But it depends on what your threat model is, although most threat models will suit Proton (IMO). The only threat model that won’t really suit Proton is if you are running from the government.

Remember, email is not in any way a private form of communication. If you need to communicate privately and securely use a service like Signal.

Plus, this case reveals that they are truthful with their privacy practices. For example, they couldn’t hand over any email contents.

1 Like