• seathru@lemmy.sdf.org
    ·
    edit-2
    6 months ago

    No company is going to legally go to bat for you for $10/mo. I love how Proton nonchalantly calls out the user's dumb move in the article:

    Proton provides privacy by default and not anonymity by default because anonymity requires certain user actions to ensure proper OpSec, such as not adding your Apple account as an optional recovery method. Note, Proton does not require adding a recovery address as this information can in theory be turned over under Swiss court order...

    • azalty@jlai.lu
      ·
      6 months ago

      Proton does require a recovery email address if you sign up to a mail forwarding service or similar, right after creating the account. In that case the account remains locked if you don’t, so that’s just a lie

  • Zerush@lemmy.ml
    ·
    6 months ago

    Logically, any service, whether private or not, is required by law to reveal the user data they have, if there is a court order for a criminal investigation. Proton cannot refuse, if it does not want to face a complaint that could even lead to the closure of its service. That is, in this headline the "Proton Mail" can be replaced by any other email, host, chat, social network, VPN, Lemmy, it can occur in any of them. As said, read TOS and PP of what you use

      • Zerush@lemmy.ml
        ·
        6 months ago

        They don't have information about the content of the mails, but same as any other mail provider the account data and the IP, this is the data which they can provide to the police. The rest are informations from the ISP and from own investigations of the police itself. Because of this the title that "Proton discloses user data leading to arrest in Spain" is somewhat sensationalist.

  • lemmyreader@lemmy.ml
    ·
    edit-2
    6 months ago

    All the commenters suggesting that Proton is just a company and would always give in to legal requests and all other companies and any email provider would do the same, here's some more to add. Yesterday I saw a now invalid toot comment from ProtonPrivacy on Mastodon Social where they wrote that it was Apple who was to blame and that Proton gave the recovery email address only because this was a case of a terrorism suspect suggesting that if that (terrorism) was not the case they would not have given in to the request. Today their comment sadly gives a 404 error. Searching a bit further this article comes up mentioning Proton and Wire :

    • https://www.elnacional.cat/en/politics/judge-garcia-castellon-accuse-mossos-police-officer-tsunami_1202609_102.html

    In the new resolution, the National Audience judge recalls that in January, in a judicial report he issued on the case, he highlighted a conversation from July 12th and 13th, 2020, about the king's visits, which was included in the Tsunami investigative evidence, and of which he admits that until that point he had not made reference in his investigation which extends over the period from 2016 to 2022. Specifically, one of the people under investigation, the Girona businessperson Josep Campmajó, spoke to the figure named Xuxu Rondinaire, with profile @marietadelulllviu, about mobilizations in 2019, using the Wire messenger app. The judge has asked for the identification of this person, information now obtained by the Civil Guard, which details that they used Europol to ask the Swiss authorities for the Wire firm to identify the person behind this pseudonym, with a profile that is also used in Proton Mail, an encrypted email system. In the police cooperation form requesting the information, the Spanish officers indicate to the Swiss authorities that the investigation is for the crime of terrorism.

  • bufalo1973@lemmy.ml
    ·
    edit-2
    6 months ago

    Proton should look who was asking the disclosure. He's a known far-right judge that opens cases like beer cans. And the "terrorist" group is marked as such because someone had a heart attack the same day there were protests in Catalonia.

    • telep@lemmy.ml
      ·
      edit-2
      6 months ago

      only as private as you make it. they are required by law when mandated by a warrant to release IP & other (unencrypted) data they have on you. use a proxy to connect & take other opsec measures to conceal your online identity just like other sensitive web browsing activities if you want to use email "privately".

      this is really only helping anonymity though, as the email protocol has no built in encryption. unless you are using PGP it really isn't apt for secure communication at all.