Lee DunaProton Mail Discloses User Data Leading to Arrest in Spain
imkaliSounds like an avoidable problem, that Proton didn’t have a whole lot to fight it with. Obviously they could/should have fought it in court, but this could have been avoided if the individual simply didn’t link a recovery email and/or didn’t share the same email across Apple products + protesting. Although, the article does point out that if you sign up over Tor or a VPN it requires a verification email, which sucks- though you could just use a temporary email address to get around it.
Key information:
The core of the controversy stems from Proton Mail providing the Spanish police with the recovery email address associated with the Proton Mail account of an individual
individual is suspected of being a member of the Mossos d’Esquadra (Catalonia’s police force) and of using their internal knowledge to assist the Democratic Tsunami movement.
Upon receiving the recovery email from Proton Mail, Spanish authorities further requested Apple to provide additional details linked to that email, leading to the identification of the individual.
This case is particularly noteworthy because […] complex interplay between technology firms, user privacy, and law enforcement.
requests were made under the guise of anti-terrorism laws
primary activities of the Democratic Tsunami involving protests and roadblocks
Proton Mail’s compliance with these requests is bound by Swiss law
Comment from Proton:
We are aware of the Spanish terrorism case involving alleged threats to the King of Spain, but as a general rule we do not comment on specific cases. Proton has minimal user information, as illustrated by the fact that in this case data obtained from Apple was used to identify the terrorism suspect. Proton provides privacy by default and not anonymity by default because anonymity requires certain user actions to ensure proper OpSec, such as not adding your Apple account as an optional recovery method. Note, Proton does not require adding a recovery address as this information can in theory be turned over under Swiss court order, as terrorism is against the law in Switzerland.
The reporter noted that disposable verification addresses are rejected by Proton.
You can simply use either: a different protonmail address or a similar service like tutanota.
And how do you get either of those using a throwaway verification account?
I mean, suit yourself if you insist that you can or only want to do it with a throwaway. I'm saying you can do it with similar services like tutanota as the failover address, eliminating the need for a throwaway.
My bad. I thought Tuta also required a verification email when I created an account several years ago. Just tried it, and they don’t appear to these days. Good to know. Thanks.
Ah, my bad, I’ll edit my comment.
It feels a little like we’re playing Whack-a-Mole with threading multiple email providers here. :)
The handle is a hobby nickname, by the way. My wife started calling me that as a trail name several years ago, and it stuck.
Beaver [she/her]Sounds pretty messed up.
I don’t know if what I do is the right way around this but, as stated Proton will reject disposable verification emails and you cannot use another proton account to verify a new one.
My workaround for this is to verify proton with a Tutanota account which is also created with as little to no identifiable information as possible.
TLDR: Proton accepts Tuta emails for verification and Tuta emails can be created anonymously.
Which leads to the next logical question: Why not just use Tuta in the first place?
Valid point. I do prefer the UI with Proton, I find it nicer to click through. Also, Tuta usually makes you wait 2-3 days before you can use it - not a big deal really, unless you’re trying to sign up for something new.
There was no wait period when I signed up for their service, but that was several years ago. Things always change.
How does Tuta compare to Proton on the root complaint of this post?
Other than not requiring a second email address linked to their service, being covered by German rather than Swiss law, actually fighting back against information requests, and not sucking up to the Chinese Communist Party, Tuta is probably fairly similar. Those differences, though, are persuasive.
Christoph SchmeesAlways good advice. But at least make the second basket one that you can trust. Proton ain’t it.
MikufanNothing they can do about that.
They could avoid storing the recovery email in plaintext. A hash would be sufficient if they require the user to enter their recovery email for confirmation when they really need to recover the account.
For an ostensibly privacy-oriented service, Proton makes some weird architectural choices.
I’ve had to use the recovery, they need plaintext because they send you a recovery code or a support ticket (depends) nobody knows all their emails.
they need plaintext because they send you a recovery code or a support ticket
Sure, but we’re talking about architectural choices. It is Proton’s choice to use that system; it is not required for the goal of account recovery.
Well yes but you could just set another Proton account as recovery and not your email which you used to sign up to everything…
Can you? Didn’t someone else mention that Proton don’t allow another Proton account?
Well… I did… Idk
Well on the other hand you can just not be a terrorist (for that case)
You can also set a temporary mail if another Proton isn’t working. There are enough ways around such restrictions.
This person isn’t a terrorist.
Proton also don’t allow temp addresses.
The person is a terrorist by definition and Proton does allow temp addresses simply because they cant enforce that you don’t just set up a SMTP server on your pc and get a temporary mail from that…
They are privacy focused but you don’t have to use their services for committing treason and plan terrorist actions/actions against a state when you are to dumb to not use your go to email as recovery.
Did you read the story? Or are you just here to stir the pot and display your Proton Fanboi bona fides?
I question if you’ve read the story. Its a very clear case that is painted in the story.
Its a very clear case that is painted in the story.
Indeed it is. The police asked and Proton provided. Very clear indeed.
At last, something we can agree on.
Like… They are required to do by law because its a terrorism case.
Questionable and not the point.
The pointis that the person is an idiot and Proton had to comply with a request about a terrorist.
The point is that Proton, a company that sells privacy, violated that trust, apparently without much of a fight.
The Spanish police didn’t even allege that the person is a terrorist.
I think we’re done here. We’re not even speaking the same language.
Have a nice life.
Diamond_AaronXG@CaptObvious @Mikufan if the user practiced proper opsec it wouldn’t be an issue. Proton provides privacy not anonymity. Those are 2 different things. The second requires opsec in the users end.
if the user practiced proper opsec it wouldn’t be an issue
Agreed
Proton provides privacy not anonymity
Anonymity most certainly is a part of privacy.
@CaptObvious Proton never claims to provide anonymity though. They even state that it depends on proper opsec. It was the user fault for proving an email as a recovery that led to a more “willing” company that gave his data to police. If they had never done that, it would be a different situation.
Anonymity is an aspect of privacy. Arguably, it is even expected. Proton pat themselves on the back about privacy without being honest about what that includes. They even have a blog post victim-blaming when their “privacy” marketing is shown to be false.
Admittedly, I don’t like Proton. They were far too quick to try to jump in bed with the Chinese Communist Party when Google was kicked out. It left a bad taste. I’ve seen absolutely nothing in the years since to make me question that position.
Venia SilenteThey could host themselves in a different place with better privacy laws. I’ve always wondered why, for example, don’t privacy services establish themselves in international waters or in micronations such as Sealand.
Because Proton is part of CERN and the privacy laws in Switzerland are very strict. They just have to hand over stuff for very certain cases, terrorism and treason being such cases.
, terrorism and treason being such cases.
but “muh terrorism” is such a wildcard that it can be (and is) used to excuse anything, so that’s pretty much the same as saying that Proton does not offer any guarantee at all.
If you say so.
I do not understand why people continue to trust Proton. They seem no better than Gmail from where I sit.
Depends in what field. Proton, at least, doesn’t scan your email contents and metadata to sell it on to advertisers.
FWIW Gmail no longer sells your email data to advertisers either. That changed years back.
ᗪᗩᗰᑎI’m gonna need some evidence before I believe Google isn’t analyzing all the data that passes through it unencrypted.
@something_random_tho @requiem
That's a blunt lie.
I have own experiences from 2019 and 2022.
https://www.pc-fluesterer.info/wordpress/2019/02/11/google-verkauft-personendaten/
https://www.pc-fluesterer.info/wordpress/2022/05/28/bedrohlicher-datenhandel-durch-google/
That's a blunt lie.
I have own experiences from 2019 and 2022.
https://www.pc-fluesterer.info/wordpress/2019/02/11/google-verkauft-personendaten/
https://www.pc-fluesterer.info/wordpress/2022/05/28/bedrohlicher-datenhandel-durch-google/
sigmaklimgrindsetGoogle doesn’t sell your data because they don’t need to. They take the data and use something called Real Time Bidding that also skirts GDPR and data protection laws/best practices.
People in this thread are really showing their ass about how little they know about how their data is actually being collected and protected. Sure, Proton isn’t 100% private, but to say Proton and Gmail are on the same levels of consumer protection is hilarious.
Proton upheld their claim of privacy, no Emails were disclosed. But they never promised anonymity cause that’s something they simply can’t do under the Swiss law. If you willingly give them your other mail addresses or contact details, they have to comply. Sure they could have denied the Spanish authorities, but it takes less than a week to get a court order for things like this.
And if they didn’t require that secondary email address or would allow a temporary, they would have had nothing to give in the first place.
Proton aren’t the victim here.
Proton doesn’t require a recovery email.
Proton isn’t the victim, but they aren’t at fault either.
Oh yes because you HAVE to give them your real.name@gmail address. Very cool and privacy focused.
Suspect knew what info he had put where. Poor OPSEC.
Yes, as the reporter demonstrated, you have to give them a second email address. Or did I miss your point?
I think you missed their point. You don’t have to give them anything related to or connected to your real name or identity.
Fair point.
They don’t require a secondary email address.
They do in certain cases. If you sign up through a VPN or Tor, they require you to provide a recovery email. They don’t accept temporary email addresses, and even if you don’t sign up work a VPN, they’ll still collect and be obligated to hand over your IP
I don’t think that Proton sells my data to advertisers or trains AI using my emails and documents. As of laws, unfortunately any service in any reputable country has to obey them. You can always buy a server in some banana republic and set up an email service there, but even then there are some risks.
All good unrelated points.
With Proton’s anti-privacy requirements for establishing service, they don’t deserve anyone’s trust. They’re just a LEO honeypot that charges you to get in. Again, in that regard, you may as well stick with free Google. At least they’re (mostly) honest about what they are.
Pasta DentalHow is proton being dishonest here? I’d like to read your point. They never pitched themselves as a way to protect yourself from the law, they always clearly said they are a confidential email provider, meaning they don’t know what you are sending and receiving. It works like a doctor meeting, the information is very confidential, but not anonymous, it is tied to you even though nobody except authorized parties should be able to access this info.