- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
You must log in or # to comment.
That’s why my email provider is in Norway and not Switzerland. Norway has much stronger privacy laws.
What? Police can “subpoena” whatever the fuck they want. ISPs must log and keep them for years. Will share with allied intelligence services and Interpol. Never thought of Norwegian privacy laws as particularly strong…
Yeah right, so much better to have your e-mails stored in clear text. With E2EE, I don’t give any fucks about local laws. My data stays my data.
Doesn’t proton’s e2ee only work if you’re emailing with another proton user?
Protons’ copy is always encrypted. E2EE doesn’t apply when the recipient is on an external mail server (unless you explicitly encrypt it with their public PGP key).
This still provides the major benefit of encrypting your email archive, and protection from data breach.
Or from Police forcing them to provide data. Because all they can provide is encrypted data.
I’m not well versed in encryption, can’t they just decrypt them at will? When I use their webmail I just login, I don’t provide any decryption pass
Yes you do, the data is encrypted with your password
In that case, even if they don’t have your password right now, they just need to wait until you log in the next time.
metadata is very important too. arrests are made, and drone strikes are approved over it.
That’s not entirely accurate. All metadata is encrypted, too, with the only exception of your IP. But there are ways to hide that, too, if necessary. So you only see the IP, date-time and how much data is transferred. But you will never see what was transferred or what is stored.
First time I hear about them, how long have you been using their service?
A good 10 years. I’ve had zero issues, with my account or my family members’.
Thanks
The article states that Proton plans to move certain (AI) data centers to Germany and Norway, as they seemed those the most sensitive. I can imagine if these laws/policies are enacted, they would look to move all services.
Well, Proton can move wherever they want and be as good as they what, I’ll never be a customer again because of what their fuckhead CEO Andy Yen said.
I don’t care that he’s backpedaled, I don’t care that Andy Yen isn’t Proton-the-company, and I’m even willing to accept it was a very unfortunate duh moment on his part. Here the thing: I don’t have many ways as a nobody to get back at Trump, but one way is to not give any of my money to anybody who enabled him, even by mistake.
So Proton is on my shitlist forever thanks to Yen.
Yeah sure, I was just speaking to your statement regarding privacy laws. Yen’s statement (and beliefs) are an extremely unfortunate inconvenience.
Lmao this would be a great bit if you weren’t serious.
Is this what Trump Derangement Syndrome looks like?
Fucking Fascists.
I’m fascism-intolerant. Different disease, but one I’m proud to suffer from.
Online poster voting with his money got this bootlicker bent out of shape
“Free market” goes all ways, even when it hurts the feelings of fascists ¯\(ツ)/¯ maybe one day they’ll understand lol
They’ll never understand anything. They’ll plead ignorance in 10 years if we still have things like courts by then
I think the reason is not sensitivity, but that it’s less risky to move a very new, niche service if they fuck it up somehow. as I understood their announcement they may move other services too later on
Oh, thanks for making me aware of this. I’ve never heard of them despite living in Norway
Shows that the only true end to end encryption is when the sender and recipient do the encrypting/decrypting locally. Even then, it requires both ends not to be compromised.
iirc proton has complied with requests to identify users before too.
Legal requests, which they were legally obligated to comply with. Every single country in the world will have some avenue to require data to be released to authorities.
That’s why strong privacy at every layer is so important. E2EE, for instance, means Proton cannot turn over any data that was transferred to and from customers. Private payments mean the company can’t turn over data on who is paying for accounts. DoH means the company can’t turn over data on what sites customers visited. Etc…
do you think any company in any country can refuse to do that?
no, i think they can move
you mean, move after getting the request? that won’t rid them of the obligation to serve the request, laws can be enforced internationally. and if they were to move to a small island or something, a big question if they have any capable servers and network bandwidth, and whether that small country try to extort the company to their benefit that just moved there
Move where?
I’m not inherently trying to defend Proton here, but the question to ask here is – did they have a choice? I’m asking seriously, and not rhetorically. Did they willingly hand over the data, or were they legally required to, by Swiss law?
they can always move
Two points here…
- Moving after they receive the request doesn’t void the request. They’d still be legally compelled to turn over the data.
- They are. That’s literally what this article is about.
Which is what they’re doing, but the bigger point is that you can’t say you’re going to move while all of this (subpoenas, etc) are happening. Before, sure. After, sure. During? Nope.
Switzerland has strong privacy laws, but there are still situations where they legally have to comply. Of course, Proton also collects very little data and keeps things end to end encrypted, so even if they have to provide data, it’s not much.
