Proton Mail Privacy Controversy

This story from 404 Media is starting to gain some traction in social media. If you can’t get past the firewall, the basic detail is that Proton, a Swiss company, complied with an order from the Swiss government to provide information on a Proton Mail email account associated with a protest group. The Swiss government then turned that info over to the FBI as part of an information sharing treaty, which exposed the identity of the account owner. The data was specifically payment processing details that could be used to trace the user.

Proton is going to take some flack over this due to their privacy focus, but I’m not convinced it is really deserved. No matter who privacy focused a company may be, they aren’t exempt from complying with the laws of the country where they are located. The real lesson here is that you can’t count on any technology to be 100% bulletproof in protecting privacy and that protest/advocacy always is going to carry some risk.

Proton also correctly pointed out that had they used a more anonymous payment option (Proton even offers an ability to pay with cash), the privacy would have been better protected. The real problem is that maintaining privacy is a difficult and opaque process and it is forever difficult to figure out everything one needs to do.