If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide Payment data is d0x data. Always has been. -
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide so the only real solution is to run your own mail server, because corporations will always do this if pressured?
-
May I assume @Tutanota would be bound to do the same thing?
-
You can actually pay Posteo in cash by mail: send banknotes in an envelope with a code to Posteo.
@Tutanota as alternative does not offer direct cash payment, but you can buy Tuta gift cards cash same way via the reseller Proxystore.
@protonprivacy also accepts cash payments according to their support, by sending physical money via post. You get the details by contacting Proton support…
But if you pay with a Creditcard, you have an US provider an board
@doodee thanks for the tips
-
@simonzerafa @evacide I think you mean "anonymity" rather than "privacy". No corporation is immune to legal compulsion. If you link a credit card to an account of any type, it will show up in all kinds of metadata via credit card companies and data brokers, and the banking records will forever deanonymize the account.
So yes, pay for a ProtonMail account with CC if you want, but use a free one if you want *anonymity* in addition to privacy.
-
@evacide Wouldn’t that be a given in most jurisdictions?
@lasombra_br @evacide you'd think so, but a surprising amount of people don't realize a credit card immediately deanonymizes whatever they pay for with a card.
-
and with owners in the US, there's even more legal jeopardy potential. where the servers are located is less relevant than who owns them.
contrast that with Tuta, sure it's EU owned but you have to go through more layers to get to account details, and not as easily strong-armed.
though the French MS email saga from a while back makes it all muddier. French authorities will comply with requests made through the proper channels, a US judge said she didn't have to and demanded compliance - putting MS-France in non-compliance with the US court order, or non-compliance with French law.
All email providers that operate legally - including Tuta - must provide this info if they have it upon court request. If your threat model includes this risk, then having owners in a different country does not protect you at all.
To be clear, I like Tuta, but I haven't seen any evidence yet that they wouldn't be forced to do the same if they operate there. -
All email providers that operate legally - including Tuta - must provide this info if they have it upon court request. If your threat model includes this risk, then having owners in a different country does not protect you at all.
To be clear, I like Tuta, but I haven't seen any evidence yet that they wouldn't be forced to do the same if they operate there.agreed. however the reach of US courts is limited by entities that have no US ties. Tuta is still bound, and I expect that a properly processed request through German officials would result in a disclosure, but that requires a bit more rigour than I'd expect from an entity with US ties.
-
@evacide @cliffle @stinerman There is a thin line on logging stuff for user debug (being an isp/supplier for friends, i have some clue, not pretending it's expertise), therefor where is that line. also, i might understand that proton needs to comply with swiss law (which isn't up to date vs data retention and digital data, because totally f*ing legacy.) my short swiss citizen view : we're in deep shit with this and local politics dont care. ( i'm geneva's former pirate party founder and lost)
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide yeah proton has done this before and has made statements about it that proton is a privacy tool, not an anonymity tool. Hate to see it still though.
Its definitely good to make people more aware of this though, thanks.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide@hachyderm.io Glad that I paid them nothing while I was still using Proton Mail. -
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide cause of course
-
@evacide so the only real solution is to run your own mail server, because corporations will always do this if pressured?
-
-
-
@evacide@hachyderm.io Glad that I paid them nothing while I was still using Proton Mail.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide I support the idea that you should pay for your email service, if you value your privacy.
Using ANY commercial email service exposes you to surveillance and your identity being exposed. Especially if you use your iOS or Google device as a computer.
I continue to hold that Proton is better than a "free" gmail or microsoft account.
For example, I currently support my mastodon instance via Patreon. Patreon could and would expose my identity. They have my email. Still I persist. -
@Tekchip Feel free to reply to them while leaving me out of it.
@evacide More polite rebuttal than I could have managed.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide Privacy != Anonymity. Beware!
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide@hachyderm.io My reading and understanding of this, is that the Swiss govt order came from an MLAT request from the FBI, and not a US court warrant. Thus, the issue, to me, is how US law enforcement essentially uses MLAT to bypass what in the US could be withheld without an appropriate judicial review. Maybe I’m projecting a misunderstanding, but when I had to respond to such requests, in the ISP I ran, we would, generally, only comply with a legal warrant or order authorized by a court.
