Proton denied all 47 requests for user data this year, making it 458 rejected since 2019, not a single one fulfilled.

  • IceFoxX@lemmy.world
    link
    fedilink
    arrow-up
    7
    arrow-down
    6
    ·
    3 days ago

    Proton has lied outrageously in the past (since its founding) and then, in 2021, updated its website regarding IP storage—or rather, removed the statement claiming that no IP addresses are stored. You definitely shouldn’t trust that statement.

    • Otter@lemmy.ca
      link
      fedilink
      arrow-up
      7
      ·
      3 days ago

      Do you have an article about that? I don’t remember hearing about this

      Legal requests by law enforcement / government can often be followed up on. If someone was unmasked in a way that could be used in court, then we’d see it being used in court?

      • IceFoxX@lemmy.world
        link
        fedilink
        arrow-up
        6
        arrow-down
        2
        ·
        edit-2
        3 days ago

        https://cyberinsider.com/protonmail-logs-users/

        https://arstechnica.com/information-technology/2021/09/privacy-focused-protonmail-provided-a-users-ip-address-to-authorities/

        https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-activist-after-order-by-swiss-authorities/

        In 2021, it caused quite a stir when they removed the “We do not keep any IP logs” statement… Anyway, I was already in contact with them about this back in 2019, and all I got from them were lies. Nevertheless, Proton is still the least worst provider. (Unfortunately, I didn’t save the answers.)

        It goes without saying, of course, that Proton must abide by the law, and there’s nothing wrong with that. What is reprehensible, however, is that they did this for years while claiming something else on their website, thereby deceiving users—and that this lie gave them a competitive advantage over other providers who were upfront and honest from the start, resulting in those providers attracting fewer users because people were more likely to go with Proton due to the deception.

          • Telorand@reddthat.com
            link
            fedilink
            arrow-up
            2
            ·
            2 days ago

            This article is about Proton VPN, not Proton Mail. Proton is the parent company, but because of the way the technologies work, there’s different considerations you would need to make, especially if you’re an activist on a government’s shitlist.

            Mail has to store data like where a message came from and who is the recipient. Doesn’t matter if the rest of the message is encrypted, and a government might find that to be enough to abuse someone.

            A VPN, however, can drop a given connection’s endpoint data the millisecond it’s not needed. This is basically how no-log VPNs work.

            I don’t use Proton, but given that Chat Control is now the law of the land in the EU, the options for a “safe” VPN are getting ever smaller as authoritarianism threatens to break cryptography and privacy in a vain effort to “protect the children.”

          • IceFoxX@lemmy.world
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            edit-2
            2 days ago

            As I said, it’s still the least bad provider. As for VPNs, I definitely won’t name my provider (it doesn’t have to be public), but before I’d use Proton VPN, I’d rather go with Mullvad. Rent a VPS outside the 5/9/14 Eyes alliance and set up a vpn there yourself, etc. Combine all of this with I2P or Tor. Encrypt emails separately with PGP.

            But it’s 2026… Western countries are already taking action against all of that anyway.