this post was submitted on 03 Nov 2025
411 points (94.0% liked)
Technology
76581 readers
2496 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That’s the issue.
What data? Here it is the IP address and only under order by authorities.
I feel ever since the social media shitstorm people love to pile on Proton for anything. They never said they won't comply with law enforcment, did they?
Whatever they gather. It says as much in the article; they started recording IPs once a request by the Swiss government came through.
That's based on the currently available laws. So if a law gets drafted that says "if we suspect someone to be complicit in criminal activity we want you to gather more data" we should just be fine with that because the authorities say so? Because the authorities are always infallible and incorruptible, right?
The details of this individual case isn't the problem, it's the precedent it sets that is. When Mullvad got raided for their logs there was nothing recovered because they don't store anything. Proton stores things based on if the authorities ask them to, and when they find out that it wasn't a terrorist or child-trafficker they go "woops we had no idea the account belonged to a climate activist."
The authorities aren't infallible. Some years back here in Sweden we had police raid, physically abuse, and kidnap a guy they suspected was a pedophile because he'd sent images of him and his 30 year old boyfriend having sex via Yahoo Mail. There's no reality where this man should've been fucking beaten up and traumatised the way he was, but it happened, and there was no recourse for him. Nowhere down the chain of responsibility did anyone get reprimanded or investigated for misconduct.
Complying with the law is such a bullshit fucking excuse.
ProtonMail does not log things by default, but they can still be court ordered to do so by swiss authorities - if you want to run any business at all, you have to submit to a jurisdiction, you can only choose which one to run under. And even if your chosen authority is alright by itself, it can still be misled by other jurisdictions like the French did, using the terror-cudgel against climate activists.
I can also recall that in this case Proton said that had their user actually bothered to use any VPN, even Proton's, there wouldn't have been anything to give to authorities except for an exit node IP.
"She shouldn't have dressed that way."
Proton could do better, and it's ridiculous that there are people out here okay with them not doing better.
You'll agree that Proton doing better would require them to move to a different country, right?
Also Mullvad doesn't offer email accounts, does it? Seems that they couldn't have a 'no user data' policy if they did since the emails would be exactly that.
I'm okay with this. Sweden isn't exactly known as a bastion of freedom. Our current minister of equality (Liberals) is pushing for a porn ban. The EU proposal colloquially called "Chat Control" was originally put forth by the Swedish EU Commissioner Ylva Johansson who belongs to the Social Democrats.
You'll forgive me if I don't feel like it's productive to repeat myself, but if you genuinely care for a response you can view it here: https://pawb.social/comment/18804733
Have a good one.
Mullvad is not a mail provider...?
They both have no-log policies. One is "we never log" and the other is "we log sometimes" do you see the difference?
The difference is that they're different products with different technical requirements.
So Proton should refuse to comply with the law and have to close their entire business?
I don't know about 'should' but wasn't that the impression their marketing tried to give? Or at least that they would fight to defend user privacy for noble activists? But when challenged, its owners seem to have folded quicker than a strapontin.
No. Nothing in their marketing says they'll refuse to comply with lawful orders.
They do successfully challenge many of them. This is all documented in their transparency report.
Maybe not now, but it used to say 'your privacy comes first' which certainly gave the impression privacy would be more important than blindly believing and obeying courts.
Thanks for the link to their report.
Privacy is not binary. It lives on a Spectrum. On one end you have Proton and Tuta. And on the other, Gmail, Outlook, Yahoo, etc.
For sure, I know this, but privacy does not come first for any of them and it was wrong of Proton ever to say it did. To them, their survival comes before yours, so they will betray you to the Swiss courts if needed.
No. The impression their marketing gave was that they followed Swiss law.
Legal entity that doesn't comply with the law is simply not possible. If you think otherwise, you're being really naive
And yet, legal entities are often found guilty of not complying with the law. I think people were expecting Proton to at least try to fight a morally-questionable court order.