@skinnylatte i've had Proton for over a year now and like them. Anyone who is disappointed about this shouldn't be surprised. They have to obey Swiss law after all.

If you want a privacy-focused email provider, there aren't a lot of choices and Proton is still one of the best.

@taylor @boojum @skinnylatte

If they can't structure their service in a way that avoids the collection and storage of personally identifiable customer data, then they have no business claiming they offer privacy. This is like charging a premium for the world’s most secure door lock when a burglar can easily enter your house by breaking a window.

@freediverx @boojum @skinnylatte How do you charge somebody's credit card regularly on a subscription basis without storing any PII or working with a third party that stores PII?

This is like charging a premium for the world’s most secure door lock when a burglar can easily enter your house by breaking a window.

In which case it would be ridiculous to blame the door lock company when somebody breaks your window.

I think a more apt analogy is that it's like a hotel charging a premium for a high-privacy room, but still giving their card records to the FBI when they come with a warrant for those records, telling them what credit card paid for which room.

@taylor Service One sells subscriptions and verifies subscription status using the hashed version of a key.

Service Two is the encrypted email service. It also stores an encrypted version of the unhashed key.

Service Two verifies your subscription with Service One the first time you check your email each month.

I'm sure there are easier or more secure ways to do it, but that's one way.