wakest likes your bugs ⁂RE: https://mastodon.social/@404mediaco/116178581339270397
Proton is a honey pot. If you are using it as an activist you should think twice about what its actually providing you.
heres the full article behind the paywall https://archive.ph/gx6U4 (yes I know archive.today has some serious issues too, but I don't have a better source to unpaywall links yet)
Proton doxxed @defendATLforest directly to the Swiss authorities which then handed the information directly to the FBI. The police have KILLED people defending the forest there. Tortuguita died for this movement https://en.wikipedia.org/wiki/Killing_of_Tortuguita
Hey @thefinalstrawradio, yall should probably cover this Proton situation...
Pretty interesting comment thread on the @404mediaco's Instagram post about this story https://www.instagram.com/p/DVhXbQfjMH-
404 Media on Instagram: "Privacy-focused email provider Proton Mail provided Swiss authorities with payment data that the FBI then used to determine who was allegedly behind an anonymous account affiliated with the Stop Cop City movement in Atlanta, according to a court record reviewed by 404 Media. The records provide insight into the sort of data that Proton Mail, which prides itself both on its end-to-end encryption and that it is only governed by Swiss privacy law, can and does provide to third parties. Edward Shone, head of communications for Proton AG, the company behind Proton Mail, told 404 Media in an email: “We want to first clarify that Proton did not provide any information to the FBI, the information was obtained from the Swiss justice department via MLAT. Proton only provides the limited information that we have when issued with a legally binding order from Swiss authorities, which can only happen after all Swiss legal checks are passed. This is an important distinction because Proton operates exclusively under Swiss law.” Functionally, though, the material was provided to the FBI. “Proton accepts payments via cryptocurrency, cash, and also credit card. If you use a credit card, we do have access to the payment identifier which can be used to identify the credit card holder from the card issuer. We check all legal orders received from Swiss authorities and we understood that a law enforcement officer was shot and explosive devices were involved, and we verified that Swiss legal requirements were met,” he added. The FBI search warrant affidavit does not mention a shooting. Police killed Manuel Paez Terán in January 2023 at a forest protest after they fired a gun at police from inside a tent injuring an officer, records reviewed by The Guardian showed. Before the shooting, police fired pepper balls into their tent, the records showed. @evystadium has more. Read at 404media.co"
13K likes, 659 comments - 404mediaco on March 5, 2026: "Privacy-focused email provider Proton Mail provided Swiss authorities with payment data that the FBI then used to determine who was allegedly behind an anonymous account affiliated with the Stop Cop City movement in Atlanta, according to a court record reviewed by 404 Media. The records provide insight into the sort of data that Proton Mail, which prides itself both on its end-to-end encryption and that it is only governed by Swiss privacy law, can and does provide to third parties. Edward Shone, head of communications for Proton AG, the company behind Proton Mail, told 404 Media in an email: “We want to first clarify that Proton did not provide any information to the FBI, the information was obtained from the Swiss justice department via MLAT. Proton only provides the limited information that we have when issued with a legally binding order from Swiss authorities, which can only happen after all Swiss legal checks are passed. This is an important distinction because Proton operates exclusively under Swiss law.” Functionally, though, the material was provided to the FBI. “Proton accepts payments via cryptocurrency, cash, and also credit card. If you use a credit card, we do have access to the payment identifier which can be used to identify the credit card holder from the card issuer. We check all legal orders received from Swiss authorities and we understood that a law enforcement officer was shot and explosive devices were involved, and we verified that Swiss legal requirements were met,” he added. The FBI search warrant affidavit does not mention a shooting. Police killed Manuel Paez Terán in January 2023 at a forest protest after they fired a gun at police from inside a tent injuring an officer, records reviewed by The Guardian showed. Before the shooting, police fired pepper balls into their tent, the records showed. @evystadium has more. Read at 404media.co".
an "article" about this situation on X https://x.com/DoingFedTime/status/2030108076531995016 that has some information I hadn't seen. I say "article" cause it seems like its def all put together by an AI but regardless has sources I hadn't seen mentioned here
they are actively making security training videos making it look like they are against ICE and on the "our side" but then they are providing no guardrails to the fact that if you pay for any of their products the ways they are advertising, they will give your personal information to the government.
The Tech ICE Uses To Find You
@benjordan made a good video about this situation with actual advice that proton could implement to avoid this situation in the future https://www.instagram.com/p/DVjuTPcEeBE
Benn Jordan 🎛️ on Instagram: "I pay good money for a service to actively help protect my privacy. NOT for a company to brigade journalists covering instances of privacy being compromised."
6,000 likes, 274 comments - bennjordan on March 6, 2026: "I pay good money for a service to actively help protect my privacy. NOT for a company to brigade journalists covering instances of privacy being compromised.".
Semitones@liaizon @benjordan Compare this to Signal, who famously only gives out the date an account was registered, and the last time it was online, since that's all their organization knows about you.
I will have to figure out how to read Instagram comments. https://codeberg.org/proxigram/proxigram/wiki/Instances
@liaizon @benjordan Does any company accept payments this way? (You buy a gift card* with your credit card, that gift card goes into a pool of other gift cards of equal value, and you are entitled to use a random gift card to pay for your subscription. )
* technically a certificate? Idk.
* technically a certificate? Idk.
Jackson Mostoller@liaizon very “pay us so you don’t have to be a security expert—but also, lol you should’ve been a security expert if you actually wanted us to protect you”
Lord Tom Klopf of CZ 
@mostol @liaizon probably Tuta is better but email is just not architected to be anonymous or private. Ultimately you depend on the provider not to screw you over. Or you can run your own email server but that is beyond the technical skills of most folks that need it. And then you’re saying, ‘I’m running a mail server here, come get me’ . IMHO running some kind of messaging service over Tor is the safest option.
The Final Straw Radio@liaizon proton appears less a honeypot than a business that operates in legal jurisdictions under a TOS, required to give info they have to governments during investigations.
Movements and individuals shouldn't consider info they give up safe to such a project (payment info, legal IDs, contact info).
Such concerns require services where anonymous payment is possible or no payment is required
This thread gives some smart challenges to the question of security v useability
https://bsky.app/profile/activistchecklist.org/post/3mgdwg4zn5c2d
Movements and individuals shouldn't consider info they give up safe to such a project (payment info, legal IDs, contact info).
Such concerns require services where anonymous payment is possible or no payment is required
This thread gives some smart challenges to the question of security v useability
https://bsky.app/profile/activistchecklist.org/post/3mgdwg4zn5c2d
ActivistChecklist.org (@activistchecklist.org)
🧵 Today’s news: Proton turned over payment info for a Stop Cop City account. Not good — it's state repression in action. Controversial opinion: We don't think this means all activists should abandon Proton for docs/email. It depends on your threat model. Let's explore. (Long thread incoming 👇) [contains quote post or other embedded content]
Saoirse@thefinalstrawradio @liaizon so what's a good alternative?
@MousyAesthete @liaizon the link I edited in above gives a few options but more importantly suggests threat assessment to guide you to the option that makes the most sense for your needs.
Take away: the tradeoff between ease of use and likely need/threat needs to be balanced out
Take away: the tradeoff between ease of use and likely need/threat needs to be balanced out
@thefinalstrawradio @liaizon thank you. Threat modelling is always the first step when thinking about privacy, and email seems like it's always the wrong tool for the kinds of communications that a hostile state actor would want to get access to. I think what's concerning about Proton (and I say this as a Proton user) is that their marketing has always made or at least implied claims that they can't possibly achieve given the nature of email
@thefinalstrawradio I think you miss what I mean by honey pot. They are advertising themselves as a secure safe place for journalists and activists. If that was actually the case they should not be collecting credit card information that they can be forced to hand over in the first place. I agree in an ideal world that people should know better then to give credit card information linking themselves to such a thing, but that is simply not the world we live in.
@liaizon ah, seeing your point. Yup, not the perfect world and these points need to be repeated
Cassandrich@thefinalstrawradio @liaizon But Proton's CEO is also fash-aligned. From the "wikileaks rapists, drug dealers, csam peddlers, qanon" school of privacy not the "antifascist & anarchist" school of privacy.