this post was submitted on 14 Jan 2024
-1 points (49.4% liked)

Privacy

32177 readers
407 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

they scrubed there no ip logs policy years ago

top 33 comments
sorted by: hot top controversial new old
[–] [email protected] 53 points 10 months ago

Tldr: Yes, still secure and private.

[–] [email protected] 48 points 10 months ago (3 children)

What are they supposed to do as an internationally known and used company? Reject legal proceedings and ignore official national laws?

[–] [email protected] 40 points 10 months ago (1 children)

I mean, the answer to that is clearly they should structure their service to store the absolute least possible personal information needed to allow the service to function so that when a legitimate law enforcement agency comes knocking they can honestly say they don't have much.

Which... appears to be pretty much what they do.

I agree with you. Losing the protection of a right -- even one as fundamental as privacy -- is by definition not a violation so long as that happens through due process. Now we can certainly talk a lot about what level of process is due, and I'm sure it will be basically unanimous that current standards around the world are FAR too accommodating to law enforcement, but at least in principle a warrant justifies the invasion of privacy. That's what the warrant is for.

This story kind of makes me want to switch all my stuff to ProtonMail.

[–] [email protected] 6 points 10 months ago (1 children)

Yeah I would agree with you that given the service they provide (email is brutal), they couldn't really collect any less info or improve security/privacy much more.

[–] [email protected] 1 points 10 months ago

they could not log the ips

[–] [email protected] 26 points 10 months ago (3 children)

Idk for most people, but the reason I use proton mail is to avoid google parsing everything I receive to send me ads. I "have nothing to hide" on a legal pov, I'm not a criminal, the worst offence I do is like Jay walking or crossing at a red light on foot when there is no one at midnight. I don't use proton services to protect myself from the law (or in other words to avoid the consequences of my acts), I just want to be a customer instead of a product.

[–] [email protected] 9 points 10 months ago

This is exactly why I use Proton as well. I'm not worried about law enforcement, I just want Google and other big tech's tentacles out of my fucking business. I don't want to be advertised to.

[–] [email protected] 7 points 10 months ago

YOU JAY WALK!?

You are a disgrace!!! How do you sleep with yourself?

DISGUSTING!

/s

But that’s a really great point. It’s easy to thinking of your threat model as all or nothing. And you are right. I’m not hiding from the law. I’m hiding from advertisers. If the government acquires my information then it was a mistake on their part as there is nothing there to find other than emails from my bank.

[–] [email protected] 7 points 10 months ago

This exactly. This is the audience for proton mail, and their success while sticking to this model is hope for us all

[–] [email protected] 24 points 10 months ago (1 children)

My threat model is not LE, its google, facebook, etc. If me using privacy services happens to make LE's job harder well thats just the cherry on top.

[–] [email protected] 4 points 10 months ago

At the same time it's also important that the provider only complies with requests where it legally has to. I trust Proton to act this way.

[–] [email protected] 21 points 10 months ago (1 children)

The article is actually pretty balanced. Yes Proton is secure and private, but if you're hiding from law enforcement, don't expect a third party to take the fall for you.

[–] [email protected] 5 points 10 months ago* (last edited 10 months ago) (1 children)

If you're hiding from the LEOs in any real way you sure as fuck aren't using email.

[–] [email protected] 2 points 10 months ago

I mean.... It's not like mailcow is too hard to set up if you want to write down your crimes in the same way Janice from accounting sent you that obnoxious blinking new Year's .gif Mail

[–] [email protected] 13 points 10 months ago (2 children)

Well I'm a customer and I think it's fine if the requests are legitimate. The question then of course is what is legitimate.

[–] [email protected] 5 points 10 months ago

Its always about petty shit like piracy. You'd wish it was all them catching CSAM creators but thats a sliver of it. They'd be catching more rich dudes if it was.

[–] [email protected] 1 points 10 months ago

Arresting XR rebels... So jo, it's not legitimate at all

[–] [email protected] 13 points 10 months ago* (last edited 10 months ago) (1 children)

My understanding is that the email is encrypted still so… they hand over the encrypted data which might be useless.

(CEO did a podcast this week for a Linux podcast)

[–] [email protected] 4 points 10 months ago* (last edited 10 months ago) (1 children)
[–] [email protected] 1 points 10 months ago* (last edited 10 months ago)

I thought the email body is e2e encrypted nowadays by default(?). And I mean regardless of who your provider is.

[–] [email protected] 2 points 10 months ago (1 children)

Tangentially related information... this post led me to check on how many data requests Google receives from law enforcement (internationally). The answer is about 420,000 requests in 2023 (if you take the most recent data from Q1 and Q2 2023 and double it).

Ref: https://www.statista.com/statistics/273501/global-data-requests-from-google-by-federal-agencies-and-governments/

[–] [email protected] 1 points 10 months ago (1 children)

The question then becomes, how much more users does google have than proton

[–] [email protected] 5 points 10 months ago

I did think about this but a mail service like Proton is going to attract proportionately more attention from the authorities because its users are going to be made up primarily of people who are more privacy/security focused (perhaps with something to hide) so having user numbers is not going to be that helpful in terms of doing a comparison. Also Google has a bit of a fake account problem, and a lot of people have a Google account only to enable them to access Google services (Android, Google Docs), and some people have multiple Google accounts.

[–] [email protected] 0 points 10 months ago (1 children)

I suppose they now keep logs of their VPN service too then.

[–] [email protected] 5 points 10 months ago* (last edited 10 months ago) (1 children)

Swiss law doesnt allow complying with VPN services afaik.

ProtonVPN and ProtonMail are completely seperate too.

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago) (1 children)

Do you mean the law doesn't allow forcing the VPN service to comply with VPN log requests by authorities?

And what do you mean by "completely separate"?

Proton VPN... is operated by the Swiss company Proton AG, the company behind the email service Proton Mail.

https://en.wikipedia.org/wiki/Proton_VPN

[–] [email protected] 5 points 10 months ago

@sqgl @ReakDuck
From what I understood :
Under Swiss laws, VPN providers are not forced to log anything.
They also can't comply with orders coming from a foreign country if not approved by Swiss authorities.
If someone is put under surveillance, he/she have to know that.

However, always remind that that's just the law, not what is technically possible. If you're considered as a real threat for an important country, neither Switzerland or any country will protect you.

[–] labbbb 0 points 10 months ago

ProtonMail was not even against cooperation with the RuSSian terrorist government, and this post was still downvoted, funny.

Have you already decided whether privacy is important to you or not?