151

ProtonMail provides information used to identify email owner... (www.404media.co)

submitted 1 day ago by jrcruciani@lemmy.wtf to c/privacy@lemmy.ml

72 comments fedilink hide all child comments

Awesome...

top 50 comments

sorted by: hot top controversial new old

[-] chilly_legumes@lemmy.ml 1 points 19 minutes ago

Is there any private way to have emails forwarded from a service like GMail to Proton? I know you could forward to an alias on the Proton account, or alternatively forward through a third party (which you would then have to also trust), but I want to hear from people who know more on the topic than me.

[-] BigTuffAl@lemmy.zip 6 points 3 hours ago

just really sad to call yourself a privacy company and then feed your customer to the gestapo

people can end up as embarrassing footnotes in history a number of different ways, but being a dishonest coward company in the privacy sphere is basically speedrunning it

[-] hackitfast@lemmy.world 1 points 10 minutes ago

I never trusted ProtonMail. Right when you sign up, you're constantly bombarded with advertisements to upgrade to pro. They're plastered everywhere with obnoxious banners.

I get that they're a business and they need money to operate, but the ads are so obnoxiously "in your face" that in my mind their priority isn't your privacy, it's your money.

Tutamail is the better service.

[-] LiamTheBox@lemmy.ml 1 points 2 hours ago

Long Live Tutamail and using a duckduckgo.com address as a backup!

[-] Innerworld@lemmy.world 15 points 15 hours ago

Proton's response

[-] Ghostie@lemmy.zip 14 points 23 hours ago

This instance really wants to dislike Proton.

[-] mistermodal@lemmy.ml -1 points 7 hours ago* (last edited 7 hours ago)

You really want to give your email provider your phone number. "Privacy" for instances that assemble botnets and block VPNs doesn't even include avoiding metadata collection. You guys are simply very salty and lazy that the best-advertised options are all connected to NATO intelligence agencies. Which really should be obvious to any person that hasn't thrown their intuition in the garbage due to its interference with their entertainment. You really bought the Swiss Nazi neutrality ploy, closing in on a century past its expiration date. Is this not bleak?

[-] Ghostie@lemmy.zip 0 points 2 hours ago

It’s an observation. Who’s salty? Source me every one of your claims as it pertains to Proton.

[-] geneva_convenience@lemmy.ml 8 points 15 hours ago

Proton did some PR for Trump a while ago that didn't get them on everyones good side.

[-] pineapplelover@lemmy.dbzer0.com 2 points 1 hour ago

Not this again...

For one, it was Andy Yen, posting on his personal rather than from Proton's account.

Second, if you follow the money, Andy Yen and Proton donates a lot of money to liberal organizations. They also campaign for Democrats actually.

The downfall of this is all because he thought Gail Slater would be a good pick and the entirety of the privacy community thought he undid all of his privacy advocacy and foundation overnight.

https://scribe.rip/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e

[-] Charger8232@lemmy.ml 194 points 1 day ago* (last edited 1 day ago)

Proton was legally ordered by the Swiss justice department to hand over the (severely limited) information about a law breaking organization's account. They had paid for Proton using a credit card instead of the anonymous payment methods Proton offers, and that is what Proton was forced to hand over. It was the organization's bad OpSec, not Proton willingly deanonymizing users.

[-] LytiaNP@lemmy.today 53 points 1 day ago

Hopefully people like you will be able to nip this in the bud before yet another joke of a controversy starts...

[-] NuXCOM_90Percent@lemmy.zip 54 points 1 day ago* (last edited 1 day ago)

You must be new here...

On the one hand, I really like how often Proton's shortcomings are highlighted. This SHOULD be a wake up call that you should never rely on a company to protect you and should instead focus on what you can do to ptorect yourself. And Proton... actually are pretty good in that regard. Connect from a burner/live image computer over public wifi using tor (or something similar) and their free accounts are STILL the gold standard for journalism and whistleblowers.

But the problem is that people are stupid and lazy (and many outlets actively benefit from "Eww, proton is bad. If only they had paid for NordVPN to really protect them from the FBI! ~Note, NordVPN provides no guarantees of protection~ ". So we just get stupidity.

[-] Charger8232@lemmy.ml 24 points 1 day ago

OP's title certainly doesn't help.

load more comments (3 replies)

[-] GreenShimada@lemmy.world 18 points 1 day ago* (last edited 1 day ago)

Really, this headline should be "Organization so poorly organized that they messed up having high-security email."

[-] halcyoncmdr@piefed.social 16 points 1 day ago

Not at all. Proton doesn't require any personal info at all. But if you pay with a credit card... That has your personal info tied to it. It's their fuck up paying with a credit card. Proton accepts other payment methods that aren't tied to your identity.

Proton is required by law to provide information they have when the courts say so.

[-] Auli@lemmy.ca 2 points 1 day ago

Are they required to keep the data?

[-] halcyoncmdr@piefed.social 2 points 17 hours ago

Not sure about Swiss laws regarding merchant payment card data retention... But they aren't really going to matter with this situation either way. Even if Proton doesn't keep any identifying information directly, the payment processor for sure is going to keep identifying data. Proton will have a confirmation number for the payment being processed, which can be correlated via the payment processor anyway.

[-] toynbee@piefed.social 8 points 1 day ago

So I'm not a criminal organization as far as I know, but if I did pay with a credit card originally can that be rectified without deleting and starting over?

[-] AmbitiousProcess@piefed.social 8 points 1 day ago

Proton uses Chargebee for payments, which has its own data retention policy of essentially "as long as we want to", but Proton does themselves keep limited data like the billing name, and last 4 digits.

Proton's privacy policy says nothing about a pre-set time delay after which they'd delete that data. They only claim that they "reserve our right" to remove your payment information if they think it's no longer valid. So theoretically, that might mean if your card's expiry date has passed, but that's not a confirmation.

The best way to reliably make sure Proton wouldn't have any info on you is to not have ever tied any real information about yourself or your payment info to that account.

[-] toynbee@piefed.social 2 points 1 day ago

Thank you for the information.

load more comments (1 replies)

[-] Vinylraupe@lemmy.zip 2 points 1 day ago

B..But..Swiss evil?

[-] aldrik@oc.todon.fr 7 points 1 day ago

@Charger8232 @jrcruciani The bug is between keyboard and chair. It is always a problem to use crédit card.

load more comments (10 replies)

[-] quick_snail@feddit.nl 9 points 1 day ago

Use monero.

[-] North@lemmy.org 28 points 1 day ago* (last edited 1 day ago)

Some people in the comment section are really dumb switching to other alternatives thinking that Proton isn't trustworthy because they gave the information despite the organisation not using anonymous currency. What's ironic is that some of these people are switching to those alternatives where you can't even use anonymous currency.

Also, kind of a clickbait title.

[-] quick_snail@feddit.nl 6 points 1 day ago

They have a .onion site. Use it always.

[-] OccasionallyFeralya@lemmy.ml 6 points 23 hours ago

And don’t pay with a credit card if you’re committing crimes lmao

[-] glitching@lemmy.ml 6 points 1 day ago* (last edited 1 day ago)

article in case you can't read it: ~~lemmy.ml/post/44086795~~ edit: better link in a reply.

proton coulda put up a fight, a loud one, for optics sake if nothing else. rolling over on any (and by implication, all) request should be the last straw in their long line of snafus; by way of "death by a thousand cuts", I would never entrust them with anything of importance.

signal demonstrated that you could decouple payment info from user data and a shop that touts the privacy part of their offerings coulda at least mimic such a thing.

edit 2: fuck any and all pay-with-crypto shills and the horse they rode in on.

[-] EncryptKeeper@lemmy.world 2 points 15 hours ago

You cannot put up a fight when ordered to do something by a judge who has jurisdiction over you. You either comply or you’re committing a crime.

[-] glitching@lemmy.ml 0 points 7 hours ago

I imagine they got courts and lawyers and motions and hearings and stuff over there, even if the fight is doomed you need to show your teeth once in a while. and what's with the proton employee reviewing whether there were "explosives" and "guns" involved, naturally based on super-reliable evidence, what the fuck is that?!

and alla that aside, why do they have payment and user info on file, for what fucking purpose? there's either user privacy or there ain't. and them folks are in the "ain't" camp.

[-] EncryptKeeper@lemmy.world 0 points 3 hours ago* (last edited 3 hours ago)

I imagine they got courts and lawyers and motions and hearings and stuff over there, even if the fight is doomed you need to show your teeth once in a while.

That’s not how it works. They can’t just refuse to comply with a lawful order from a judge. They could be put in actual jail. This affects all email providers.

[-] glitching@lemmy.ml 0 points 1 hour ago

what is this take based on? there's a direct line between "we want this shit done" and "judge rubberstamps order"? no process, no interview, no hearing, no nothings? medieval courts maybe worked that way, no system of government I know of nowadays does.

[-] EncryptKeeper@lemmy.world 0 points 1 hour ago

Every single government works this way. Court orders are not optional.

[-] cypherpunks@lemmy.ml 5 points 1 day ago

article in case you can’t read it: https://lemmy.ml/post/44086795

that link only has two paragraphs of the article; there are 8 more in the full article here on archive.org

load more comments

this post was submitted on 05 Mar 2026

151 points (81.3% liked)

Privacy

46763 readers

741 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS