A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
-
A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@404mediaco Hmmn, I have a free account there, but there are arguably other ways for a Swiss court to identify me. IP would, but I use TOR.
Any thoughts folks, on how to de-anonymise me? -
@404mediaco It's not ProtonMail's fault; they have to follow the law.
If they just handed data over without being legally required to, that would be concerning, but that doesn't seem to be the case here. -
A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
-
A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@404mediaco Your VPN provider will not go to jail for five dollars
https://www.ivpn.net/blog/your-vpn-provider-wont-go-to-jail-for-you/
-
@404mediaco It's not ProtonMail's fault; they have to follow the law.
If they just handed data over without being legally required to, that would be concerning, but that doesn't seem to be the case here.@iampytest1 @404mediaco You can't reveal what you don't know—that's where the mistake lies.
-
@iampytest1 @404mediaco it's was Proton's decision to move to USA jurisdiction, not?
@egonw ProtonMail isn't based out of the US. The government of the country it is based out of demanded this information, and provided it to the FBI under a MLAT.
-
@404mediaco
I guess I need to move to @Tutanota@LittlePolarBear @404mediaco @Tutanota And if you pay for Tuta with your credit card, Tuta will also provide those payment details when compelled by a court order.
The key, with either service, is to pay anonymously.
-
@egonw ProtonMail isn't based out of the US. The government of the country it is based out of demanded this information, and provided it to the FBI under a MLAT.
@iampytest1 ah, right. sorry, my bad
-
@iampytest1 @404mediaco You can't reveal what you don't know—that's where the mistake lies.
@NoMAD they can't not have payment information. They offer anonymouspayment options, and the free version doesn't require any PII at all.
-
@proscience in what way am I wrong?
I might have misread the article; if I did, I can edit my post. -
@404mediaco
I guess I need to move to @Tutanota -
A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@404mediaco so, even the respected Proton no longer guarantees privacy or security!
-
A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@404mediaco I don't see how they could avoid storing the payment information if they want to collect payments. And if they are legally required by the Swiss government to provide that information, what can they do?
-
@404mediaco I don't see how they could avoid storing the payment information if they want to collect payments. And if they are legally required by the Swiss government to provide that information, what can they do?
They are required to store client identification data for 6 months by #Swiss law
Art. 22 SPTA
-
A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@404mediaco@mastodon.social
After that French climate activist, every gov on earth knows how to obtain data from Proton Mail.
They just need to ask the Swiss government to request data, instead of requesting data directly from Proton AG.
Stopgap measure:
Use Tor Browser to access Proton Mail
Do not pay (money is always easier to trace than network packets)
Turn off all security logging feature in Proton account settings
#ProtonMail #ProtonAG -
@404mediaco
I guess I need to move to @Tutanota@LittlePolarBear @404mediaco @Tutanota How would Tuta have helped you here? You think they’re defying a court warrant on your behalf?
-
@iampytest1 @404mediaco For those who are threat modeling risks it’s worth noting this person was not charged with any crimes. So the US will request sensitive info that doesn’t lead to anything worth criminal charges, but Proton and the Swiss will hand it over without seemingly much protest
“404 Media is not publishing the person’s name because they don’t appear to have been charged with a crime, according to searches of court databases.”
Put another way, Proton and the Swiss will hand over user info of folks free of criminal charges to the US government.
@sylvie Not saying the subpoena here is justified, but subpoenaing records is a normal part of the investigate process which can come before a person is charged. The article doesn't say when this occurred or why they weren't charged, and without more detail on the facts the subpoena was based on, its hard to say what the FBI knew when it issued it and what it learned afterwards afterwards.
The question here is what are the terms of the MLAT between the US and the Swiss government, and what rules the FBI and the Swiss government have for handling this.
I'm not familiar with the FBI's internal workings, and I know nothing about Swiss law or the details of the MLAT.
Edit: obviously that isn't the right section of the Justice Manual. -
@404mediaco Hmmn, I have a free account there, but there are arguably other ways for a Swiss court to identify me. IP would, but I use TOR.
Any thoughts folks, on how to de-anonymise me?@davecb @404mediaco E-Mail content and metadata would be the most obvious way. If you ever used this account for anything that could be linked somehow to your identity they could easily deanonymize you. And otherwise it depends on who wants to get your PII and how many resources do they have. If they have enough ressources they can deanonymize everybody and tor will not help you. But for most people that should be fine I think.
-
@davecb @404mediaco E-Mail content and metadata would be the most obvious way. If you ever used this account for anything that could be linked somehow to your identity they could easily deanonymize you. And otherwise it depends on who wants to get your PII and how many resources do they have. If they have enough ressources they can deanonymize everybody and tor will not help you. But for most people that should be fine I think.
@davecb @404mediaco other than that I guess you use the Tor Browser (and not just a standard browser routed over Tor) on a somewhat save OS (no Windows, macOS, Android etc but something like Linux/GrapheneOS)?
-
@LittlePolarBear @404mediaco @Tutanota How would Tuta have helped you here? You think they’re defying a court warrant on your behalf?
@wonkothesane @404mediaco @Tutanota It's fine, I learned something today. That's what the Internet is for.
