204
That's why my email provider is in Norway and not Switzerland. Norway has much stronger privacy laws.
What? Police can "subpoena" whatever the fuck they want. ISPs must log and keep them for years. Will share with allied intelligence services and Interpol. Never thought of Norwegian privacy laws as particularly strong..
First time I hear about them, how long have you been using their service?
A good 10 years. I've had zero issues, with my account or my family members'.
Thanks
The article states that Proton plans to move certain (AI) data centers to Germany and Norway, as they seemed those the most sensitive. I can imagine if these laws/policies are enacted, they would look to move all services.
Well, Proton can move wherever they want and be as good as they what, I'll never be a customer again because of what their fuckhead CEO Andy Yen said.
I don't care that he's backpedaled, I don't care that Andy Yen isn't Proton-the-company, and I'm even willing to accept it was a very unfortunate duh moment on his part. Here the thing: I don't have many ways as a nobody to get back at Trump, but one way is to not give any of my money to anybody who enabled him, even by mistake.
So Proton is on my shitlist forever thanks to Yen.
Yeah sure, I was just speaking to your statement regarding privacy laws. Yen's statement (and beliefs) are an extremely unfortunate inconvenience.
Lmao this would be a great bit if you weren't serious.
I think the reason is not sensitivity, but that it's less risky to move a very new, niche service if they fuck it up somehow. as I understood their announcement they may move other services too later on
Yeah right, so much better to have your e-mails stored in clear text. With E2EE, I don’t give any fucks about local laws. My data stays my data.
metadata is very important too. arrests are made, and drone strikes are approved over it.
That’s not entirely accurate. All metadata is encrypted, too, with the only exception of your IP. But there are ways to hide that, too, if necessary. So you only see the IP, date-time and how much data is transferred. But you will never see what was transferred or what is stored.
Doesn't proton's e2ee only work if you're emailing with another proton user?
Protons' copy is always encrypted. E2EE doesn't apply when the recipient is on an external mail server (unless you explicitly encrypt it with their public PGP key).
This still provides the major benefit of encrypting your email archive, and protection from data breach.
Or from Police forcing them to provide data. Because all they can provide is encrypted data.
I'm not well versed in encryption, can't they just decrypt them at will? When I use their webmail I just login, I don't provide any decryption pass
Yes you do, the data is encrypted with your password
In that case, even if they don't have your password right now, they just need to wait until you log in the next time.
Oh, thanks for making me aware of this. I've never heard of them despite living in Norway
Shows that the only true end to end encryption is when the sender and recipient do the encrypting/decrypting locally. Even then, it requires both ends not to be compromised.
iirc proton has complied with requests to identify users before too.
do you think any company in any country can refuse to do that?
Legal requests, which they were legally obligated to comply with. Every single country in the world will have some avenue to require data to be released to authorities.
That’s why strong privacy at every layer is so important. E2EE, for instance, means Proton cannot turn over any data that was transferred to and from customers. Private payments mean the company can’t turn over data on who is paying for accounts. DoH means the company can’t turn over data on what sites customers visited. Etc…
I'm not inherently trying to defend Proton here, but the question to ask here is -- did they have a choice? I'm asking seriously, and not rhetorically. Did they willingly hand over the data, or were they legally required to, by Swiss law?
Switzerland has strong privacy laws, but there are still situations where they legally have to comply. Of course, Proton also collects very little data and keeps things end to end encrypted, so even if they have to provide data, it’s not much.
this post was submitted on 27 Jul 2025
204 points (100.0% liked)
Privacy
40410 readers
480 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS