Be careful when companies market themselves as Swiss or that due to them being located in Switzerland means there is some extra layer of security or privacy.
Sure, it's a more stable country than many other countries in the world, but not much different from most EU countries for example. And privacy wise there is no difference.
Be also aware of the fact that many companies market themselves as Swiss, but all it means is they have a head office in Switzerland due to tax reasons. In one example, it's a cloud storage company, they say on their marketing page and their about page that they are based in Switzerland and under Swiss law, but if you look at the legal pages the company you sign up with are actually based in Bulgaria. Their servers are based in Texas, USA and Luxemburg, Europe and their development team in Bulgaria.
What, you mean those landing pages with that majestic snowy mountain doesn't automatically mean robust security and unparalleled privacy? My life has been a lie...
China-Email: Would be interesting to buy email hosting from a super secure email service based out of China. Basically a "trust in math" approach where they operate despite adversaries. With huge claims on the website:
- No physical security: our offices don't even have locks
- Pro-crime-CEO: our CEO is a known (and future) criminal
- Political: we seriously try to read your email for the cops but we cant :(
- None of that matters because our protocol is open source, blockchain enabled, and it doesn't matter if you trust us at all.
Seems like a joke but you get my point. In God we trust, for everyone else use math.
Yeah I also bought a lifetime plan from that cloud storage company few years ago, scammed by the marketing page, only to find out somewhere in the settings page that my data were never in switzerland or even in EU but were physically in US, and had to pay to move them to EU, just deleted my account, I guess the swiss thing is just a marketing scam
True, the swiss government has bent over in all directions imaginable regarding the banking secret once a powerful enough entity pressured them.
Forget hosting, VPNs or email providers from Switzerland.
It's exactly true, companies incorporate there due to tax laws, even Phillip Morris is there.
The company you’re mentioning in the end is Tresorit, right? If so, they still do get some kudos for running a pretty solid end to end encrypted storage service. Their whitepaper checked out to me and their heavy focus on business users instead of consumer seems to attract less of the advocate types of users that ended ProtonMail in this weeks situation to begin with
The funny thing is, while advertising all of that, they're not providing free SMTP service that actually allow you to send properly GPG encrypted emails to protect your privacy.
So for me, ProtonMail is basically a web email service, a nice web email service to be completely fair, but without perks. I will never call them an "encrypted email" service.
> In one example, it's a cloud storage company, they say on their marketing page and their about page that they are based in Switzerland and under Swiss law, but if you look at the legal pages the company you sign up with are actually based in Bulgaria. Their servers are based in Texas, USA and Luxemburg, Europe and their development team in Bulgaria.
Just out of curiosity, in this kind of situation what laws actually apply? Wouldn't that be the Bulgarian laws?
I also dislike companies that use the label 'Made in [country]' as a prominent hook to promise users they will get enhanced privacy - which may or may not be true. I'd rather they be honest and say: these are the examples when we must comply with the law and must hand over the following details.
We all need to make our own evaluation of the privacy promises of those services and whether they actually provide privacy above and beyond what other companies offer. We shouldn't rely on vague impressions that privacy is strong in company X merely because of their presence in a particular country (and which the company uses heavily for promotion).
> Their servers are based in Texas, USA and Luxemburg, Europe and their development team in Bulgaria
I don't believe it means anything. They form a company in Switzerland, which makes them compliant to the Swiss laws, they rent infrastructure from a provider where these services are most favourable for their business(which in this case could be USA and Luxembourg) and they do their tech dev work in Bulgaria(Which is in EU) because they get the most bang for their buck in this country.
What I see is simply business as usual. Are there even single origin tech companies? Even if everything is Swiss, if you have your app on the Apple App Stor or Google Play, you would be required to comply with US laws. You came up with an interesting encryption? Well, you will be asked to document it as part of you export compliance if you are going to make the app available outside of the US.
Last time there was a protonmail discussion on HN I brought up the point that they save Metadata and of course got downvoted to the oblivion and had to remove my comment....
The whole clarification they wrote was "As a Swiss company, they must comply with Swiss law when it relates to a Swiss citizen."
So if you're not a swiss citizen, you've got nothing to worry about. The only thing they did different was notify the person they were being investigated and then began tracking. That's the major difference.
It's not like some random company can just skirt all laws globally for the sake of privacy.
I remember being fooled by the whole "We're Swiss, isn't that great?" marketing at the beginning. It was disappointing, to say the least, when I learned that Switzerland is part of the N-eyes agreement(s).
Truth is that Email is almost a dead protocol now, anyway. As much as that hurts me to say. It was never able to meet the moment- PGP is complicated and easy to mess up, it's pretty damn hard to host your own Email server and not end up in everyone's SPAM or blocked, and if they person on the other end is using GMail, your shit's being read, analyzed, and archived anyway.
Email is going to be a business-only (as in "companies"/"corporations"/etc) protocol soon.
The ProtonMail guys always said that unless they were 20 miles from the littoral, in the sea side, they had to abide by national laws. So it was bound to happen.
What makes me sad is how flimsy their entire premise (not necessarily "promise") turned out to be: all it took was some minor rascal in France to hug the wrong tree (so to speak), and ProtonMail is in the open saying they can't even protect the IP address of their customers. From there, all it takes is for somebody to change a law in Switzerland and end-to-end encryption of the messages themselves will only be "by default."
I think there is a market for datacenters in open seas.
The expectation that Proton would be able to disobey the legal requests of their local authorities with impunity is unrealistic. Protonmail makes certain claims about privacy, particularly about encryption. They don't make any claims that they have the intention, or ability for that matter, to defy local authorities at their peril. Like Grugq said in one of his presentations (paraphrased): "Don't expect your VPN company to do your jail time for you". I'm neither for nor against Protonmail. I don't think they've been dishonest. I think people have an unrealistic expectation of the service they offer. They offer additional privacy, not legal indemnity.
This is exactly what baffled me about people saying "I'm cancelling my PM subscription" as if they didn't make this abundantly clear. In their transparency report, they state very clearly that they "may also be obligated to monitor the IP addresses" being used to access accounts engaged in criminal activity.
Privacy activists, for some reason, don't take the time to read transparency reports.
1. Their homepage stated ""By default, we do not keep any IP logs...". Due to complaints about this being a lie, they have today removed this statement
2. Their website also stated "No personal information required to create an account". However, for creating an account through Tor a phone number is required. This has been an issue for 4 years [1]
How could I expect Proton to disobey legal requests? That's crazy.
There are 180 countries and not one will let you create a company that doesn't have to log IP addresses?
Proton should change their description to: "We don't really care so much about your privacy and make fake marketing claims because we are just another tech company trying to make as much money as possible"
> The expectation that Proton would be able to disobey the legal requests of their local authorities with impunity is unrealistic.
Untrue.
There are many way to resist authority without being seen as blatantly disobeying the law.
In this particular case, they could have gone with the standard: "can't technically do it, we don't have the infrastructure". Or: "the guys who manages the logs just quit, we can't recover the information". Or: "we don't have the budget to implement that, it'd bankrupt us" ... etc ... make as many lame excuses as the day is long.
Drag things into court and just bog the effing big brother machine down in technicalities long enough until they simply give up or the French activist has had ample time to skedaddle.
This. If you pay ProtonMail, you don't have your emails automatically scanned by some company to show you advertisements, and you have encryption at rest. That's all.
I see many comments here that seem to be uninformed. Please, make sure to ProtonMail's official statement first. It includes a lot of important background info: https://protonmail.com/blog/climate-activist-arrest/
For example, this paragraph is important:
> Unlike other providers, we do fight on behalf of our users. Few people know this (it’s in our transparency report), but we actually fought over 700 cases in 2020 alone. Whenever possible, we will fight requests, but it is not always possible.
I don't see why it's AS big a scandal given what CEO stated and reading accounts from reputable news sources.
My quick take: France tells Switzerland who then compels PM to START tracking account holder(s) and prevented PM (by law from what I've read) from telling account holder. Per PM CEO this type of Swiss order could not be disputed with the way PM has disputed other claims.
To me, it's not logging of the IP; it's when did it start and from my reading they started after being compelled to do so over a period of time between compelled to and this coming to light.
To me, strong pushback (for those who feel passionate about it) should be directed to Switzerland for complying with France for what many think is not a high enough bar to compel all this tracking. Maybe they did scrutinize it and maybe they didn't.
Any meta-data saving isn't secure but sharing that after being compelled to track account holders isn't surprising.
There's a line in their agreement that says " If a request is made for encrypted message content that we do not possess the ability to decrypt, the fully encrypted message content may be turned over.".
I guess ProtonVPN also is not an exception to such "undeniable" requests. Bad day for company who bank on "no log" policy. Their marketing division will have a ton of work to fix reputation :)
> stated: "No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first."
And it still holds!!
What it didn't stat is that while _by default_ no such information is logged, but if they are legally compelled to they will log such the neseccary information for the email (account?) they are required to log them for.
Its honestly surprising for me that anyone though that a fully legally (in Swiss)operating service would protect their privacy beyond the point they are allowed to by Swiss law. But luckily for us Swiss law is pretty neat wrt. privacy, at least currently.
Why don’t they use surveillance in anti-corruption squads to make sure no back room deals are being made inside the government?
This tool is turned against the poor and marginalized and used to eliminate opposition but not for making the system work better as it was supposed to.
In a sense society is being hacked by those in power using surveillance.
I’m not that surprised that ProtonMail folded; as someone else said they’re not going to do jail for you. What’s concerning is the nature of this warrant and arrest. As far as I can tell all the articles haven’t mentioned any actual crimes; is France just straight up arresting climate activists now?
For secure communications it’s much better to use Signal than e-mail. (Preferably with disappearing messages.)
I understand that people desire the UX of an e-mail client such as Thunderbird, Mail.app, Gmail or whatever. Nothing wrong with wanting that. But there is currently no good way to send e-mail securely.
It‘s really tiresome how it‘s become the normal to market all kind of fantasy interpretations of your value proposition and banish all nuance to legalese documents. ProtonMail has enough to justify itself, it doesn‘t need all the over the top claims of Swissness or blunt statements about privacy that are only half truths. They could also do without their spintastic, content marketing blog.
This is not surprising to me. I will still continue to use ProtonMail. I never signed up because of the "no IP logging" thing. In fact, if I had seen it before I just plain wouldn't have believed it, and still used ProtonMail. But hindsight is 20/20
If you can make sure you and your relatives and your friends never cross Russian (or for that matter Russia-friendly state) border and/or you never write anything remotely resembling criticism of Russian regime - then maybe yes.
Maybe I missed it in all the kerfuffle, but what was the crime that was allegedly committed by the French climate activist that required ProtonVPN to comply with this request for IP information?
ProtonMail has been fraught with problems for a long time, and it's good that serious issues are being brought to light. Their marketing is very good and critics of them have struggled to communicate to users for a while.
The most important thing a serious privacy-minded service provider can do is be forthright and honest with users about the limitations of their privacy guarantees, particularly with respect to what hinges on math and what hinges on trust. ProtonMail has failed in this respect. It has always been the case, for example, that they could log these IPs, or that any incoming plaintext emails can be recorded before being encrypted at rest - and the fact that they're encrypted at rest is another thing we have to take on faith. Their proprietary components have always been a problem, and we also trust that they won't silently add key exfiltration to their webmail UI on the demands of a court. They don't explain any of this, they just pose themselves as experts on privacy and let vulnerable users stumble into law enforcement's hands because they care about their money more than their security.
Good privacy systems do not rely on trust or faith, they rely on math. Where some trust is required, in the case of a commercial service provider, it is their solemn duty to be honest with users and explain to them what promises they can and cannot make, and to make sure users understand which of these claims are backed up by math, which are backed up by law, and which are backed up with thoughts and prayers, so that these users can make informed decisions about how they use a service they're relying on for their personal liberty.
My day to day life is pretty boring, but occasionally I'll imagine what I would need to do if I ever had to get out a secret message out where it was important that it couldn't be traced back to me.
It always ends up being something like, "Well, I could buy a bunch of raspberry PIs with cash and then go to a coffee shop that I never go to and upload the message to a gmail account that I'll only ever use once. Throw the PI away afterwards in a random trash can in town and make sure to wear gloves every time I touch it. Finally use some sort of encryption scheme or something so I can identify myself for repeated correspondences because each time will be with a different one shot email account."
It turns out that this isn't some fanciful paranoia, but is in fact the bare minimum of what I should be doing if something like that ever came up.
Tor from a coffee shop should be sufficient shouldn't it? If the browser cannot be finger printed and the IP is not yours, it shouldn't be possible to identify you.
I think a distinction must be made between a service that will protect your privacy historically and a service that will continuously protect your privacy.
If I sign up with protonmail today using a vpn like mullwad, since I'm probably not currently be targeted, I can reasonably be sure that it will be difficult to track things back to me.
However, once I'm targeted and there's a warrant against me, any activity I have on such services is going to be logged going forward.
So, using the service once to receive some data or do something anonymously is reasonably secure... This is very different from services like gmail which will have kept any logs in the past about me and that will always be able to track me without any further logging.
It's imperfect but I think that given the current environment and the current laws, this might be the best we can have.
[+] [-] plater|4 years ago|reply
Sure, it's a more stable country than many other countries in the world, but not much different from most EU countries for example. And privacy wise there is no difference.
Be also aware of the fact that many companies market themselves as Swiss, but all it means is they have a head office in Switzerland due to tax reasons. In one example, it's a cloud storage company, they say on their marketing page and their about page that they are based in Switzerland and under Swiss law, but if you look at the legal pages the company you sign up with are actually based in Bulgaria. Their servers are based in Texas, USA and Luxemburg, Europe and their development team in Bulgaria.
[+] [-] ducktective|4 years ago|reply
[+] [-] istingray|4 years ago|reply
- No physical security: our offices don't even have locks
- Pro-crime-CEO: our CEO is a known (and future) criminal
- Political: we seriously try to read your email for the cops but we cant :(
- None of that matters because our protocol is open source, blockchain enabled, and it doesn't matter if you trust us at all.
Seems like a joke but you get my point. In God we trust, for everyone else use math.
[+] [-] lnxg33k1|4 years ago|reply
[+] [-] _gohp|4 years ago|reply
It's exactly true, companies incorporate there due to tax laws, even Phillip Morris is there.
[+] [-] kylehotchkiss|4 years ago|reply
[+] [-] nirui|4 years ago|reply
So for me, ProtonMail is basically a web email service, a nice web email service to be completely fair, but without perks. I will never call them an "encrypted email" service.
[+] [-] audiometry|4 years ago|reply
[+] [-] laurent123456|4 years ago|reply
Just out of curiosity, in this kind of situation what laws actually apply? Wouldn't that be the Bulgarian laws?
[+] [-] vanilla-almond|4 years ago|reply
We all need to make our own evaluation of the privacy promises of those services and whether they actually provide privacy above and beyond what other companies offer. We shouldn't rely on vague impressions that privacy is strong in company X merely because of their presence in a particular country (and which the company uses heavily for promotion).
[+] [-] mrtksn|4 years ago|reply
I don't believe it means anything. They form a company in Switzerland, which makes them compliant to the Swiss laws, they rent infrastructure from a provider where these services are most favourable for their business(which in this case could be USA and Luxembourg) and they do their tech dev work in Bulgaria(Which is in EU) because they get the most bang for their buck in this country.
What I see is simply business as usual. Are there even single origin tech companies? Even if everything is Swiss, if you have your app on the Apple App Stor or Google Play, you would be required to comply with US laws. You came up with an interesting encryption? Well, you will be asked to document it as part of you export compliance if you are going to make the app available outside of the US.
[+] [-] simplyinfinity|4 years ago|reply
I don't see them having offices in Bulgaria. However they have offices in North Macedonia.
[+] [-] ibaikov|4 years ago|reply
[+] [-] sizzle|4 years ago|reply
[+] [-] jokoon|4 years ago|reply
[+] [-] racl101|4 years ago|reply
We all saw the Wolf of Wallstreet.
[+] [-] snuser|4 years ago|reply
[+] [-] MeinBlutIstBlau|4 years ago|reply
So if you're not a swiss citizen, you've got nothing to worry about. The only thing they did different was notify the person they were being investigated and then began tracking. That's the major difference.
It's not like some random company can just skirt all laws globally for the sake of privacy.
[+] [-] ragnese|4 years ago|reply
Truth is that Email is almost a dead protocol now, anyway. As much as that hurts me to say. It was never able to meet the moment- PGP is complicated and easy to mess up, it's pretty damn hard to host your own Email server and not end up in everyone's SPAM or blocked, and if they person on the other end is using GMail, your shit's being read, analyzed, and archived anyway.
Email is going to be a business-only (as in "companies"/"corporations"/etc) protocol soon.
[+] [-] dsign|4 years ago|reply
What makes me sad is how flimsy their entire premise (not necessarily "promise") turned out to be: all it took was some minor rascal in France to hug the wrong tree (so to speak), and ProtonMail is in the open saying they can't even protect the IP address of their customers. From there, all it takes is for somebody to change a law in Switzerland and end-to-end encryption of the messages themselves will only be "by default."
I think there is a market for datacenters in open seas.
[+] [-] livinginfear|4 years ago|reply
[+] [-] edly|4 years ago|reply
Privacy activists, for some reason, don't take the time to read transparency reports.
[+] [-] istingray|4 years ago|reply
Protonmail has been dishonest in their marketing.
1. Their homepage stated ""By default, we do not keep any IP logs...". Due to complaints about this being a lie, they have today removed this statement
2. Their website also stated "No personal information required to create an account". However, for creating an account through Tor a phone number is required. This has been an issue for 4 years [1]
How could I expect Proton to disobey legal requests? That's crazy.
[1] https://www.reddit.com/r/ProtonMail/comments/638ykr/phone_nu...
[+] [-] janmo|4 years ago|reply
[+] [-] ur-whale|4 years ago|reply
Untrue.
There are many way to resist authority without being seen as blatantly disobeying the law.
In this particular case, they could have gone with the standard: "can't technically do it, we don't have the infrastructure". Or: "the guys who manages the logs just quit, we can't recover the information". Or: "we don't have the budget to implement that, it'd bankrupt us" ... etc ... make as many lame excuses as the day is long.
Drag things into court and just bog the effing big brother machine down in technicalities long enough until they simply give up or the French activist has had ample time to skedaddle.
[+] [-] rpadovani|4 years ago|reply
[+] [-] shafyy|4 years ago|reply
For example, this paragraph is important:
> Unlike other providers, we do fight on behalf of our users. Few people know this (it’s in our transparency report), but we actually fought over 700 cases in 2020 alone. Whenever possible, we will fight requests, but it is not always possible.
[+] [-] rarba786|4 years ago|reply
My quick take: France tells Switzerland who then compels PM to START tracking account holder(s) and prevented PM (by law from what I've read) from telling account holder. Per PM CEO this type of Swiss order could not be disputed with the way PM has disputed other claims.
To me, it's not logging of the IP; it's when did it start and from my reading they started after being compelled to do so over a period of time between compelled to and this coming to light.
To me, strong pushback (for those who feel passionate about it) should be directed to Switzerland for complying with France for what many think is not a high enough bar to compel all this tracking. Maybe they did scrutinize it and maybe they didn't.
Any meta-data saving isn't secure but sharing that after being compelled to track account holders isn't surprising.
There's a line in their agreement that says " If a request is made for encrypted message content that we do not possess the ability to decrypt, the fully encrypted message content may be turned over.".
Maybe I'm missing something in my logic.
[+] [-] 7demons|4 years ago|reply
[+] [-] dathinab|4 years ago|reply
And it still holds!!
What it didn't stat is that while _by default_ no such information is logged, but if they are legally compelled to they will log such the neseccary information for the email (account?) they are required to log them for.
Its honestly surprising for me that anyone though that a fully legally (in Swiss)operating service would protect their privacy beyond the point they are allowed to by Swiss law. But luckily for us Swiss law is pretty neat wrt. privacy, at least currently.
[+] [-] istingray|4 years ago|reply
"no personal information"...does it still say that? Let me know where, will email them.
[+] [-] notjes|4 years ago|reply
[+] [-] pixxel|4 years ago|reply
[+] [-] hasmanean|4 years ago|reply
This tool is turned against the poor and marginalized and used to eliminate opposition but not for making the system work better as it was supposed to.
In a sense society is being hacked by those in power using surveillance.
[+] [-] ashtonkem|4 years ago|reply
[+] [-] cpach|4 years ago|reply
I understand that people desire the UX of an e-mail client such as Thunderbird, Mail.app, Gmail or whatever. Nothing wrong with wanting that. But there is currently no good way to send e-mail securely.
[+] [-] ducktective|4 years ago|reply
[+] [-] traspler|4 years ago|reply
[+] [-] 0xdeadb00f|4 years ago|reply
[+] [-] jcq3|4 years ago|reply
[+] [-] yaris|4 years ago|reply
[+] [-] dang|4 years ago|reply
Clarifications regarding arrest of climate activist - https://news.ycombinator.com/item?id=28433601 - Sept 2021 (273 comments)
ProtonMail logged IP address of French activist after order by Swiss authorities - https://news.ycombinator.com/item?id=28433131 - Sept 2021 (155 comments)
Climate activist arrested after ProtonMail provided his IP address - https://news.ycombinator.com/item?id=28427259 - Sept 2021 (565 comments)
[+] [-] rawbot|4 years ago|reply
[+] [-] Grimm665|4 years ago|reply
[+] [-] ddevault|4 years ago|reply
The most important thing a serious privacy-minded service provider can do is be forthright and honest with users about the limitations of their privacy guarantees, particularly with respect to what hinges on math and what hinges on trust. ProtonMail has failed in this respect. It has always been the case, for example, that they could log these IPs, or that any incoming plaintext emails can be recorded before being encrypted at rest - and the fact that they're encrypted at rest is another thing we have to take on faith. Their proprietary components have always been a problem, and we also trust that they won't silently add key exfiltration to their webmail UI on the demands of a court. They don't explain any of this, they just pose themselves as experts on privacy and let vulnerable users stumble into law enforcement's hands because they care about their money more than their security.
Good privacy systems do not rely on trust or faith, they rely on math. Where some trust is required, in the case of a commercial service provider, it is their solemn duty to be honest with users and explain to them what promises they can and cannot make, and to make sure users understand which of these claims are backed up by math, which are backed up by law, and which are backed up with thoughts and prayers, so that these users can make informed decisions about how they use a service they're relying on for their personal liberty.
[+] [-] Verdex|4 years ago|reply
It always ends up being something like, "Well, I could buy a bunch of raspberry PIs with cash and then go to a coffee shop that I never go to and upload the message to a gmail account that I'll only ever use once. Throw the PI away afterwards in a random trash can in town and make sure to wear gloves every time I touch it. Finally use some sort of encryption scheme or something so I can identify myself for repeated correspondences because each time will be with a different one shot email account."
It turns out that this isn't some fanciful paranoia, but is in fact the bare minimum of what I should be doing if something like that ever came up.
[+] [-] laurent123456|4 years ago|reply
[+] [-] snet0|4 years ago|reply
[+] [-] ArnoVW|4 years ago|reply
[+] [-] nicolas_t|4 years ago|reply
If I sign up with protonmail today using a vpn like mullwad, since I'm probably not currently be targeted, I can reasonably be sure that it will be difficult to track things back to me.
However, once I'm targeted and there's a warrant against me, any activity I have on such services is going to be logged going forward.
So, using the service once to receive some data or do something anonymously is reasonably secure... This is very different from services like gmail which will have kept any logs in the past about me and that will always be able to track me without any further logging.
It's imperfect but I think that given the current environment and the current laws, this might be the best we can have.