• Proton Mail assisted Spanish authorities in identifying and arresting a member of the Catalan independence organization Democratic Tsunami.
  • The company’s end-to-end encrypted email platform aims to protect user data, but recent events suggest potential vulnerabilities.
  • Proton Mail was also required to provide user data to Swiss authorities for a separate case involving a French climate activist, emphasizing the importance of proper Operational Security measures.

Also obligatory video: https://www.youtube.com/watch?v=iH626CXyNtE

  • fartington@lemm.ee
    link
    fedilink
    English
    arrow-up
    179
    ·
    6 months ago

    Proton CEO

    The name/address of the terrorism suspect was actually given to police by Apple, not Proton. The terror suspect added their real-life Apple email as an optional recovery address in Proton Mail. Proton can’t decrypt data, but in terror cases Swiss courts can obtain recovery email.

    • barkingspiders@infosec.pub
      link
      fedilink
      English
      arrow-up
      65
      ·
      6 months ago

      Thanks for posting this, it’s important people catch more than just the headline. This is clearly another example of proton delivering on their promise. Fucking headlines gonna headline.

    • cheese_greater@lemmy.world
      link
      fedilink
      English
      arrow-up
      19
      arrow-down
      6
      ·
      edit-2
      6 months ago

      I mean, Proton was the necessary link. Not even like I fault them, people should realize email or any other 2-sided activity has 2 (or in this case, 3(+?)points of weakness.

      Dunno, just hate the way we lie without even lying nowadays. Mot sorry that Rubes get rubed

      • just_another_person@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        6 months ago

        There is no lying here. Adding real world identification that can be correlated to other accounts is the fault of the user. That’s being said, I’m glad Proton follows the letter of the law.

      • pathief@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        6 months ago

        I mean… If Proton had no way of knowing your recovery email, it would be pretty pointless to set one up. If they do have a way of knowing it, they are bound by swiss law to give it up. No company is above the law, they have always been very transparent on that matter.