SionainnMar 6
Edward L Platt
After providing the FBI with the payment details associated with an activists email account, @protonprivacy is getting a lot of criticism. This is a topic I have spent some time studying and a lot of comments are missing important context. 🧵1/
Mar 6 at 3:19pmWeb
Show threadEdward L PlattMar 6

Proton's privacy model is (in my words):
1. Keep the bare minimum information necessary to function. In particular, they do not have access to message content.
2. Hand over any legally subpoenaed information.

They are very clear about this, and this is exactly what they did in this case. Anyone who expected them to do otherwise has been misled by their digital security training.

🧵 2/

Show threadEdward L PlattMar 6

Email providers like Lavabit have tried to fight subpoenas in the past, including a lovely legal hack involving tiny font. But ultimately it ended in shutting down.

https://en.wikipedia.org/wiki/Lavabit

🧵 3/

Lavabit - Wikipedia

Show threadEdward L PlattMar 6

If an email (or other digital infrastructure) provider claims to be subpoena-proof, there is a good chance they are lying to you and/or themselves.

The only truly subpoena-proof options are decentralized peer-to-peer infrastructures, which require a lot of technical skill and continuous maintenance. Most activists don't have the spare time and energy to run that kind of infrastructure. Consider how many found choosing a mastodon instance to be prohibitive.

🧵 4/

Show threadEdward L PlattMar 6

This isn't "good guys" and "bad guys." Digital security is a matter of using the tools available and being aware of what they can and can't do. Proton is a valuable tool for activists, when it is used with its limitations in mind.

🧵 5/5

Show threadEleanor SaittaMar 6
@elplatt The key point for me was that it was a Swiss judge who signed the order, via a US-Switzerland mutual legal assistance treaty. So they had an order from a judge with jurisdiction over them. If they'd folded based on a US court order without having a US legal presence, I'd be notably more worried.
Show threadEdward L PlattMar 6
@dymaxion Yep. The fact that the US has a mutual treaty with Switzerland, and the Swiss court's handling of the request is more of a story, in my opinion
Show threadEleanor SaittaMar 6
@elplatt
Yup. But also not a Proton problem as such