If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
-
@private_brewing @evacide And like, most alternatives would do *exactly* the same thing when ordered by courts in their jurisdiction. Other than Tutanota and perhaps a few others, most have access to *more* information, and some of the big ones *proactively* share information.
The fact that some people have the gall to sit here saying that Proton, a company, should refuse to share info after being ordered by a Swiss court is ludicrous.
@private_brewing @evacide And I agree with you that the best option perhaps would be designing a payments system that allows all of their usecases without storing payment tokens or whatever in "plaintext" (meaning accessible to the company). Given the care they put into literally every single one of their products, I find it hard to believe that they would not have implemented this if it were trivial.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide
I don't know why people are so surprised by this. Few people bother to read it but Proton do spell out about data disclosure and law enforcement in their privacy agreements etc.
https://proton.me/legal/privacy -
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@protonprivacy would you please comment on this?
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide I’m no fan of ProtonMail, or its trumpy ceo “andy88”, but I don’t think they should be expected to put themselves in legal danger for the sake of their customers. Maybe their marketing should make that clear, but no sane person should expect a for-profit company to go to jail for you.
The law is wrong here, as it usually is with stuff like this. But they have to obey one way or another.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide I get Proton had little choice here complying with a legal Swiss court order and recording the data… my big question here is why the Swiss authorities complied with the FBI request on what looks like a (not across the details) legit protest group?
Surely the fault here is at the feet of the Swiss government for cooperating with the FBI request?
Sorry… much as I am not a big fan of Proton, this looks like they direct they were forced to, legally and only after court order.
-
All email providers that operate legally - including Tuta - must provide this info if they have it upon court request. If your threat model includes this risk, then having owners in a different country does not protect you at all.
To be clear, I like Tuta, but I haven't seen any evidence yet that they wouldn't be forced to do the same if they operate there.@schroedingerspossum @maya_b @cliffle This is exactly it. It's bad opsec to leave data your provider can hand over. Any company must and will comply with local law. It's your responsibility to not leave a paper trail. Proton, like a few other service providers like Mullvad, offers cash payments via mail. If you don't use that or stick to a free plan, that's on you.
-
@evacide so the only real solution is to run your own mail server, because corporations will always do this if pressured?
-
@evacide It's even worse if you pay for Proton Mail and live in CH like I do (also citizen). It means they'll just turn my sh*t over to Bern. I wonder if they'd even inform me.
-
@evacide I’m no fan of ProtonMail, or its trumpy ceo “andy88”, but I don’t think they should be expected to put themselves in legal danger for the sake of their customers. Maybe their marketing should make that clear, but no sane person should expect a for-profit company to go to jail for you.
The law is wrong here, as it usually is with stuff like this. But they have to obey one way or another.
@nbailey @evacide maybe, but some people do the right thing.
Without Ladar Levison, we may not have had the Snowden files: https://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-emailThis also vindicates why @Linux does not include them on his "outside US Jurisdiction" alternatives when people keep asking him why they aren't listed: https://codeberg.org/Linux-Is-Best/Outside_US_Jurisdiction/src/branch/main/Privacy_Focused_Email.md
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
@evacide@hachyderm.io what’s the full article? Because I am certainly not gonna make an account just to read this
-
@evacide@hachyderm.io what’s the full article? Because I am certainly not gonna make an account just to read this
@tragivictoria @evacide that’s what an AI crawler would say -
@evacide This...seems perfectly normal? Like, what was Proton's alternative here?
@chiraag@mastodon.online @evacide@hachyderm.io Idk, to get shut down? People are pretending as if Tuta or Mailbox or other email provider would be different here.
-
@tragivictoria @evacide that’s what an AI crawler would say
@mkljczk@fediverse.pl @evacide@hachyderm.io You’re absolutely right — you got me!
-
-
@evacide@hachyderm.io what’s the full article? Because I am certainly not gonna make an account just to read this
@tragivictoria @evacide I will say that 404Media retains basically no info on you. They ask a name (you can lie if you want) and an email (if you're able, you can use a forward address to obscure your actual email). They don't save passwords, they just email a temp login code. And if you don't wanna risk being tracked across the site or the web, you can clear your site cookies afterwards to logout.
Still totally valid not to make the account, but i recently bit the bullet and did it, I was surprised how little info they accepted that might accidentally get leaked.
-
@tragivictoria @evacide I will say that 404Media retains basically no info on you. They ask a name (you can lie if you want) and an email (if you're able, you can use a forward address to obscure your actual email). They don't save passwords, they just email a temp login code. And if you don't wanna risk being tracked across the site or the web, you can clear your site cookies afterwards to logout.
Still totally valid not to make the account, but i recently bit the bullet and did it, I was surprised how little info they accepted that might accidentally get leaked.
@riverpunk@defcon.social @evacide@hachyderm.io so if they accept little to no info, why they require it in the first place?
-
@riverpunk@defcon.social @evacide@hachyderm.io so if they accept little to no info, why they require it in the first place?
@tragivictoria @evacide idk. I doubt they're selling it on the data brokerage market though, if that's what you're worried about.
I suspect it's a marketing on-ramp to convince avid readers to purchase a paid subscription (some articles have an actual paywall). Or maybe it's anti-scraping? Idk.
FWIW, they tend to be pretty radically pro-privacy, and they're like a 4 person crew, so pretty small independent news organization.
-
If you pay Proton Mail for a service, they may hand over the payment data in response to a court order: https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
-
@evacide so the only real solution is to run your own mail server, because corporations will always do this if pressured?
@caitp I guess in theory you could find a service that will shut down before complying (ala 2013 Lavabit), but I can't imagine there are many of them at any given time because, well, they'll shut down (by design) on a frequent basis. Not sure if better or worse than the headache of running it yourself. @evacide
-
It is possible to make it work even to google and hotmail but it takes dedication and constant upkeep sadly. And it does not anonymize you at all, rather the opposite.
️
🤭
