WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2024 Poal.co

939

End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France.

The Switzerland-based company said it received a "legally binding order from the Swiss Federal Department of Justice" related to a collective called Youth for Climate, which it was "obligated to comply with," compelling it to handover the IP address and information related to the type of device used by the group to access the ProtonMail account.

On its website, ProtonMail advertises that: "No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first."

Despite its no IP logs claims, the company acknowledged that while it's illegal for the company to abide by requests from non-Swiss law enforcement authorities, it will be required to do so if Swiss agencies agree to assist foreign services such as Europol in their investigations.

"There was no possibility to appeal or fight this particular request because an act contrary to Swiss law did in fact take place (and this was also the final determination of the Federal Department of Justice which does a legal review of each case)," the company said in a lengthy response posted on Reddit.

Put simply, ProtonMail will not only have to comply with Swiss government orders, it will be forced to hand over data when individuals use the service to engage in activities that are deemed illegal in the country.

"Proton must comply with Swiss law. As soon as a crime is committed, privacy protections can be suspended and we're required by Swiss law to answer requests from Swiss authorities," ProtonMail founder and CEO Andy Yen tweeted, adding "It's deplorable that legal tools for serious crimes are being used in this way. But by law, [ProtonMail] must comply with Swiss criminal investigations. This is obviously not done by default, but only if legally forced."

If anything, ProtonMail users who are concerned about the visibility of their IP addresses should use a VPN or access the email service over the Tor network for additional anonymity.

"The prosecution in this case seems quite aggressive. Unfortunately, this is a pattern we have increasingly seen in recent years around the world (for example in France where terror laws are inappropriately used)," the company said.

End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France. The Switzerland-based company said it received a "legally binding order from the Swiss Federal Department of Justice" related to a collective called Youth for Climate, which it was "obligated to comply with," compelling it to handover the IP address and information related to the type of device used by the group to access the ProtonMail account. On its website, ProtonMail advertises that: "No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first." Despite its no IP logs claims, the company acknowledged that while it's illegal for the company to abide by requests from non-Swiss law enforcement authorities, it will be required to do so if Swiss agencies agree to assist foreign services such as Europol in their investigations. "There was no possibility to appeal or fight this particular request because an act contrary to Swiss law did in fact take place (and this was also the final determination of the Federal Department of Justice which does a legal review of each case)," the company said in a lengthy response posted on Reddit. Put simply, ProtonMail will not only have to comply with Swiss government orders, it will be forced to hand over data when individuals use the service to engage in activities that are deemed illegal in the country. "Proton must comply with Swiss law. As soon as a crime is committed, privacy protections can be suspended and we're required by Swiss law to answer requests from Swiss authorities," ProtonMail founder and CEO Andy Yen tweeted, adding "It's deplorable that legal tools for serious crimes are being used in this way. But by law, [ProtonMail] must comply with Swiss criminal investigations. This is obviously not done by default, but only if legally forced." If anything, ProtonMail users who are concerned about the visibility of their IP addresses should use a VPN or access the email service over the Tor network for additional anonymity. "The prosecution in this case seems quite aggressive. Unfortunately, this is a pattern we have increasingly seen in recent years around the world (for example in France where terror laws are inappropriately used)," the company said.

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (78).
[–] 3 pts (edited )

I don't think there are any safe alternatives for e-mail. Snail mail is only secure because they need a warrant to open a letter.

Run your own e-mail server at home is about the only secure option but email rolls over public networks.

Exchange PGP keys with those you converse with and run your own server. I still think the NSA can read anything they want.

[–] 0 pt

The FBI doing an old fashioned mail cover? No agent has been assigned to do that in 25 years.

[–] 1 pt

The USPS does it.

[–] 0 pt

Can confirm. Its worse than you'd think.

[–] 0 pt

thats exactly what a glownigger looking for marks would say

[–] -1 pt

thats exactly what a glownigger looking for marks would say

[–] 0 pt (edited )

Run your own e-mail server at home is about the only secure option

It's not, especially if you're new to this, needless to mention the fact that it points directly at your physical "home"

Let's be serious here, you want some sort of anonymity on the network you access the network through means that aren't directly tied to your bank account at one point or another other for a start. The internet connection you use isn't attached to your credit card (or anyone's credit card/bank account related to you), the machine you use hasn't been bought with your credit card, your name isn't attached to it and you don't use that machine with anything attached to your credit card

From there even if you still can be seen on the network as a connected machine, your IP and MAC addresses and geolocation or whatever, aren't directly pointing at your identity

The hardest part is the connection, until no one can buy anything without a credit card of course

[–] 0 pt

Are you the guy that was always saying he posts using a Starbucks wifi?

I went to the library and holy shit even in the boonies they assign you a single ID'ed slot which you have to sign in for. If you have a laptop and use your phone it kicks you off since it's two devices.

[–] 0 pt

No I'm that guy and yes it's becoming tighter as years go by, depending on your geographic location