If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
-
@Tekchip Feel free to reply to them while leaving me out of it.
-
@evacide This...seems perfectly normal? Like, what was Proton's alternative here?
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide Yes, that's following the law. All reputable companies follow the law.
I'm not a big fan of 404 media for the way they try and hype things that people might need info on or be ignorant of, but use terms of sensationalism.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide use cyberfear and their related mailum
-
@evacide so the only real solution is to run your own mail server, because corporations will always do this if pressured?
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide aren't their servers based in Switzerland
-
@private_brewing @evacide I guess? It's definitely nontrivial because they have to deal with recurring payments (so they need _some_ way to charge the card even if someone isn't logged in, since paid accounts are not subject to auto-deletion).
The rhetoric around this has been pretty shitty too because *of course* Proton is going to comply by sharing whatever little info they have if ordered by a Swiss court - they make that exceptionally clear.
-
@private_brewing @evacide I guess? It's definitely nontrivial because they have to deal with recurring payments (so they need _some_ way to charge the card even if someone isn't logged in, since paid accounts are not subject to auto-deletion).
The rhetoric around this has been pretty shitty too because *of course* Proton is going to comply by sharing whatever little info they have if ordered by a Swiss court - they make that exceptionally clear.
@private_brewing @evacide And like, most alternatives would do *exactly* the same thing when ordered by courts in their jurisdiction. Other than Tutanota and perhaps a few others, most have access to *more* information, and some of the big ones *proactively* share information.
The fact that some people have the gall to sit here saying that Proton, a company, should refuse to share info after being ordered by a Swiss court is ludicrous.
-
@private_brewing @evacide And like, most alternatives would do *exactly* the same thing when ordered by courts in their jurisdiction. Other than Tutanota and perhaps a few others, most have access to *more* information, and some of the big ones *proactively* share information.
The fact that some people have the gall to sit here saying that Proton, a company, should refuse to share info after being ordered by a Swiss court is ludicrous.
@private_brewing @evacide And I agree with you that the best option perhaps would be designing a payments system that allows all of their usecases without storing payment tokens or whatever in "plaintext" (meaning accessible to the company). Given the care they put into literally every single one of their products, I find it hard to believe that they would not have implemented this if it were trivial.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide
I don't know why people are so surprised by this. Few people bother to read it but Proton do spell out about data disclosure and law enforcement in their privacy agreements etc.
https://proton.me/legal/privacy -
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@protonprivacy would you please comment on this?
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide I’m no fan of ProtonMail, or its trumpy ceo “andy88”, but I don’t think they should be expected to put themselves in legal danger for the sake of their customers. Maybe their marketing should make that clear, but no sane person should expect a for-profit company to go to jail for you.
The law is wrong here, as it usually is with stuff like this. But they have to obey one way or another.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide I get Proton had little choice here complying with a legal Swiss court order and recording the data… my big question here is why the Swiss authorities complied with the FBI request on what looks like a (not across the details) legit protest group?
Surely the fault here is at the feet of the Swiss government for cooperating with the FBI request?
Sorry… much as I am not a big fan of Proton, this looks like they direct they were forced to, legally and only after court order.
-
All email providers that operate legally - including Tuta - must provide this info if they have it upon court request. If your threat model includes this risk, then having owners in a different country does not protect you at all.
To be clear, I like Tuta, but I haven't seen any evidence yet that they wouldn't be forced to do the same if they operate there.@schroedingerspossum @maya_b @cliffle This is exactly it. It's bad opsec to leave data your provider can hand over. Any company must and will comply with local law. It's your responsibility to not leave a paper trail. Proton, like a few other service providers like Mullvad, offers cash payments via mail. If you don't use that or stick to a free plan, that's on you.
-
@evacide so the only real solution is to run your own mail server, because corporations will always do this if pressured?
-
@evacide It's even worse if you pay for Proton Mail and live in CH like I do (also citizen). It means they'll just turn my sh*t over to Bern. I wonder if they'd even inform me.
-
@evacide I’m no fan of ProtonMail, or its trumpy ceo “andy88”, but I don’t think they should be expected to put themselves in legal danger for the sake of their customers. Maybe their marketing should make that clear, but no sane person should expect a for-profit company to go to jail for you.
The law is wrong here, as it usually is with stuff like this. But they have to obey one way or another.
@nbailey @evacide maybe, but some people do the right thing.
Without Ladar Levison, we may not have had the Snowden files: https://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-emailThis also vindicates why @Linux does not include them on his "outside US Jurisdiction" alternatives when people keep asking him why they aren't listed: https://codeberg.org/Linux-Is-Best/Outside_US_Jurisdiction/src/branch/main/Privacy_Focused_Email.md
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide@hachyderm.io what’s the full article? Because I am certainly not gonna make an account just to read this
-
@evacide@hachyderm.io what’s the full article? Because I am certainly not gonna make an account just to read this
@tragivictoria @evacide that’s what an AI crawler would say -
@evacide This...seems perfectly normal? Like, what was Proton's alternative here?
@chiraag@mastodon.online @evacide@hachyderm.io Idk, to get shut down? People are pretending as if Tuta or Mailbox or other email provider would be different here.
️
