And yet, legal entities are often found guilty of not complying with the law. I think people were expecting Proton to at least try to fight a morally-questionable court order.
What data? Here it is the IP address and only under order by authorities.
I feel ever since the social media shitstorm people love to pile on Proton for anything. They never said they won’t comply with law enforcment, did they?
What data? Here it is the IP address and only under order by authorities.
Whatever they gather. It says as much in the article; they started recording IPs once a request by the Swiss government came through.
ProtonMail can’t directly share data with foreign governments. In fact, doing so is illegal under Article 271 of the Swiss Criminal code. The police gained access to the IP address because Swiss authorities chose to cooperate with the French government. ProtonMail also points out how Swiss authorities will only approve requests that meet Swiss legal standards.
Under Swiss law, ProtonMail should notify the user if a third party makes a request for their private data and if the data is for a criminal proceeding. However, there’s a big catch/ loophole here. On its law enforcement page, ProtonMail highlights that the notification can be delayed in the following cases:
That’s based on the currently available laws. So if a law gets drafted that says “if we suspect someone to be complicit in criminal activity we want you to gather more data” we should just be fine with that because the authorities say so? Because the authorities are always infallible and incorruptible, right?
The details of this individual case isn’t the problem, it’s the precedent it sets that is. When Mullvad got raided for their logs there was nothing recovered because they don’t store anything. Proton stores things based on if the authorities ask them to, and when they find out that it wasn’t a terrorist or child-trafficker they go “woops we had no idea the account belonged to a climate activist.”
Right, because corporations are widely known for going to prison when they break the law. Where exactly did they imprison Facebook for interfering in elections? Running illegal experiments on people? Pirating books and pornography? Surveilling children and selling their data?
Look at Mullvad. They’ve denied access to their data multiple times, they got raided, and nothing of use was recoverable. That’s what respect for privacy looks like. Proton could set their infrastructure up in this fashion, but instead they’ve chosen to just hand out user data freely.
No, I’m saying that you’re comparing email to a VPN. You’re not stupid, you know it’s a bad comparison, which is why you didn’t compare Mullvad to ProtonVPN, because you know your argument would fall apart immediately.
I’m comparing Mullvad (a company) to Proton (a company) not their products. They both have a no-log policy (that’s a company policy) only one is actually no logs, and the other is “we sometimes log.” I don’t think you’re stupid either, so I don’t get what’s not getting through.
ProtonMail does not log things by default, but they can still be court ordered to do so by swiss authorities - if you want to run any business at all, you have to submit to a jurisdiction, you can only choose which one to run under. And even if your chosen authority is alright by itself, it can still be misled by other jurisdictions like the French did, using the terror-cudgel against climate activists.
I can also recall that in this case Proton said that had their user actually bothered to use any VPN, even Proton’s, there wouldn’t have been anything to give to authorities except for an exit node IP.
Proton said that had their user actually bothered to use any VPN, even Proton’s, there wouldn’t have been anything to give to authorities except for an exit node IP.
“She shouldn’t have dressed that way.”
Proton could do better, and it’s ridiculous that there are people out here okay with them not doing better.
Our legal entity is in Sweden, where the law does not allow for any government to force us to spy on our users.
You’ll agree that Proton doing better would require them to move to a different country, right?
Also Mullvad doesn’t offer email accounts, does it? Seems that they couldn’t have a ‘no user data’ policy if they did since the emails would be exactly that.
You’ll agree that Proton doing better would require them to move to a different country, right?
I’m okay with this. Sweden isn’t exactly known as a bastion of freedom. Our current minister of equality (Liberals) is pushing for a porn ban. The EU proposal colloquially called “Chat Control” was originally put forth by the Swedish EU Commissioner Ylva Johansson who belongs to the Social Democrats.
Also Mullvad doesn’t offer email accounts, does it? Seems that they couldn’t have a ‘no user data’ policy if they did since the emails would be exactly that.
You’ll forgive me if I don’t feel like it’s productive to repeat myself, but if you genuinely care for a response you can view it here: https://pawb.social/comment/18804733
I don’t know about ‘should’ but wasn’t that the impression their marketing tried to give? Or at least that they would fight to defend user privacy for noble activists? But when challenged, its owners seem to have folded quicker than a strapontin.
Nothing in their marketing says they’ll refuse to comply with lawful orders.
Maybe not now, but it used to say ‘your privacy comes first’ which certainly gave the impression privacy would be more important than blindly believing and obeying courts.
For sure, I know this, but privacy does not come first for any of them and it was wrong of Proton ever to say it did. To them, their survival comes before yours, so they will betray you to the Swiss courts if needed.
That’s the issue.
Legal entity that doesn’t comply with the law is simply not possible. If you think otherwise, you’re being really naive
And yet, legal entities are often found guilty of not complying with the law. I think people were expecting Proton to at least try to fight a morally-questionable court order.
What data? Here it is the IP address and only under order by authorities.
I feel ever since the social media shitstorm people love to pile on Proton for anything. They never said they won’t comply with law enforcment, did they?
Whatever they gather. It says as much in the article; they started recording IPs once a request by the Swiss government came through.
That’s based on the currently available laws. So if a law gets drafted that says “if we suspect someone to be complicit in criminal activity we want you to gather more data” we should just be fine with that because the authorities say so? Because the authorities are always infallible and incorruptible, right?
The details of this individual case isn’t the problem, it’s the precedent it sets that is. When Mullvad got raided for their logs there was nothing recovered because they don’t store anything. Proton stores things based on if the authorities ask them to, and when they find out that it wasn’t a terrorist or child-trafficker they go “woops we had no idea the account belonged to a climate activist.”
The authorities aren’t infallible. Some years back here in Sweden we had police raid, physically abuse, and kidnap a guy they suspected was a pedophile because he’d sent images of him and his 30 year old boyfriend having sex via Yahoo Mail. There’s no reality where this man should’ve been fucking beaten up and traumatised the way he was, but it happened, and there was no recourse for him. Nowhere down the chain of responsibility did anyone get reprimanded or investigated for misconduct.
Complying with the law is such a bullshit fucking excuse.
Yeah, they should just go to prison for someone they don’t know and had nothing to do with, that’s the only answer we should be ok with!
Do you hear how stupid that sounds?
Right, because corporations are widely known for going to prison when they break the law. Where exactly did they imprison Facebook for interfering in elections? Running illegal experiments on people? Pirating books and pornography? Surveilling children and selling their data?
Look at Mullvad. They’ve denied access to their data multiple times, they got raided, and nothing of use was recoverable. That’s what respect for privacy looks like. Proton could set their infrastructure up in this fashion, but instead they’ve chosen to just hand out user data freely.
Now you’re comparing apples to oranges? Is that what you do when your position is untenable?
So Proton’s no-log policy is an apple and Mullvad’s no-log policy is an orange, is what you’re saying?
No, I’m saying that you’re comparing email to a VPN. You’re not stupid, you know it’s a bad comparison, which is why you didn’t compare Mullvad to ProtonVPN, because you know your argument would fall apart immediately.
I’m comparing Mullvad (a company) to Proton (a company) not their products. They both have a no-log policy (that’s a company policy) only one is actually no logs, and the other is “we sometimes log.” I don’t think you’re stupid either, so I don’t get what’s not getting through.
ProtonMail does not log things by default, but they can still be court ordered to do so by swiss authorities - if you want to run any business at all, you have to submit to a jurisdiction, you can only choose which one to run under. And even if your chosen authority is alright by itself, it can still be misled by other jurisdictions like the French did, using the terror-cudgel against climate activists.
I can also recall that in this case Proton said that had their user actually bothered to use any VPN, even Proton’s, there wouldn’t have been anything to give to authorities except for an exit node IP.
“She shouldn’t have dressed that way.”
Proton could do better, and it’s ridiculous that there are people out here okay with them not doing better.
You’ll agree that Proton doing better would require them to move to a different country, right?
Also Mullvad doesn’t offer email accounts, does it? Seems that they couldn’t have a ‘no user data’ policy if they did since the emails would be exactly that.
I’m okay with this. Sweden isn’t exactly known as a bastion of freedom. Our current minister of equality (Liberals) is pushing for a porn ban. The EU proposal colloquially called “Chat Control” was originally put forth by the Swedish EU Commissioner Ylva Johansson who belongs to the Social Democrats.
You’ll forgive me if I don’t feel like it’s productive to repeat myself, but if you genuinely care for a response you can view it here: https://pawb.social/comment/18804733
Have a good one.
Mullvad is not a mail provider…?
They both have no-log policies. One is “we never log” and the other is “we log sometimes” do you see the difference?
The difference is that they’re different products with different technical requirements.
So Proton should refuse to comply with the law and have to close their entire business?
I don’t know about ‘should’ but wasn’t that the impression their marketing tried to give? Or at least that they would fight to defend user privacy for noble activists? But when challenged, its owners seem to have folded quicker than a strapontin.
No. The impression their marketing gave was that they followed Swiss law.
No. Nothing in their marketing says they’ll refuse to comply with lawful orders.
They do successfully challenge many of them. This is all documented in their transparency report.
Maybe not now, but it used to say ‘your privacy comes first’ which certainly gave the impression privacy would be more important than blindly believing and obeying courts.
Thanks for the link to their report.
Privacy is not binary. It lives on a Spectrum. On one end you have Proton and Tuta. And on the other, Gmail, Outlook, Yahoo, etc.
For sure, I know this, but privacy does not come first for any of them and it was wrong of Proton ever to say it did. To them, their survival comes before yours, so they will betray you to the Swiss courts if needed.