ProtonMail deletes 'we don't log your IP' from website after activist arrested

Be careful when companies market themselves as Swiss or that due to them being located in Switzerland means there is some extra layer of security or privacy.<p>Sure, it&#x27;s a more stable country than many other countries in the world, but not much different from most EU countries for example. And privacy wise there is no difference.<p>Be also aware of the fact that many companies market themselves as Swiss, but all it means is they have a head office in Switzerland due to tax reasons. In one example, it&#x27;s a cloud storage company, they say on their marketing page and their about page that they are based in Switzerland and under Swiss law, but if you look at the legal pages the company you sign up with are actually based in Bulgaria. Their servers are based in Texas, USA and Luxemburg, Europe and their development team in Bulgaria.

The ProtonMail guys always said that unless they were 20 miles from the littoral, in the sea side, they had to abide by national laws. So it was bound to happen.<p>What makes me sad is how flimsy their entire premise (not necessarily &quot;promise&quot;) turned out to be: all it took was some minor rascal in France to hug the wrong tree (so to speak), and ProtonMail is in the open saying they can&#x27;t even protect the IP address of their customers. From there, all it takes is for somebody to change a law in Switzerland and end-to-end encryption of the messages themselves will only be &quot;by default.&quot;<p>I think there is a market for datacenters in open seas.

The expectation that Proton would be able to disobey the legal requests of their local authorities with impunity is unrealistic. Protonmail makes certain claims about privacy, particularly about encryption. They don&#x27;t make any claims that they have the intention, or ability for that matter, to defy local authorities at their peril. Like Grugq said in one of his presentations (paraphrased): <i>&quot;Don&#x27;t expect your VPN company to do your jail time for you&quot;</i>. I&#x27;m neither for nor against Protonmail. I don&#x27;t think they&#x27;ve been dishonest. I think people have an unrealistic expectation of the service they offer. They offer additional <i>privacy</i>, not legal indemnity.

I see many comments here that seem to be uninformed. Please, make sure to ProtonMail&#x27;s official statement first. It includes a lot of important background info: <a href="https:&#x2F;&#x2F;protonmail.com&#x2F;blog&#x2F;climate-activist-arrest&#x2F;" rel="nofollow">https:&#x2F;&#x2F;protonmail.com&#x2F;blog&#x2F;climate-activist-arrest&#x2F;</a><p>For example, this paragraph is important:<p>&gt; <i>Unlike other providers, we do fight on behalf of our users. Few people know this (it’s in our transparency report), but we actually fought over 700 cases in 2020 alone. Whenever possible, we will fight requests, but it is not always possible.</i>

I don&#x27;t see why it&#x27;s AS big a scandal given what CEO stated and reading accounts from reputable news sources.<p>My quick take: France tells Switzerland who then compels PM to START tracking account holder(s) and prevented PM (by law from what I&#x27;ve read) from telling account holder. Per PM CEO this type of Swiss order could not be disputed with the way PM has disputed other claims.<p>To me, it&#x27;s not logging of the IP; it&#x27;s when did it start and from my reading they started after being compelled to do so over a period of time between compelled to and this coming to light.<p>To me, strong pushback (for those who feel passionate about it) should be directed to Switzerland for complying with France for what many think is not a high enough bar to compel all this tracking. Maybe they did scrutinize it and maybe they didn&#x27;t.<p>Any meta-data saving isn&#x27;t secure but sharing that after being compelled to track account holders isn&#x27;t surprising.<p>There&#x27;s a line in their agreement that says &quot; If a request is made for encrypted message content that we do not possess the ability to decrypt, the fully encrypted message content may be turned over.&quot;.<p>Maybe I&#x27;m missing something in my logic.

I guess ProtonVPN also is not an exception to such &quot;undeniable&quot; requests. Bad day for company who bank on &quot;no log&quot; policy. Their marketing division will have a ton of work to fix reputation :)

&gt; stated: &quot;No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first.&quot;<p>And it still holds!!<p>What it didn&#x27;t stat is that while _by default_ no such information is logged, but if they are legally compelled to they will log such the neseccary information for the email (account?) they are required to log them for.<p>Its honestly surprising for me that anyone though that a fully legally (in Swiss)operating service would protect their privacy beyond the point they are allowed to by Swiss law. But luckily for us Swiss law is pretty neat wrt. privacy, at least currently.

PM was a hoax from the start. Just talk to the Lavabit guy Ladar Levison or look up Crypto AG.

Why don’t they use surveillance in anti-corruption squads to make sure no back room deals are being made inside the government?<p>This tool is turned against the poor and marginalized and used to eliminate opposition but not for making the system work better as it was supposed to.<p>In a sense society is being hacked by those in power using surveillance.

I’m not that surprised that ProtonMail folded; as someone else said they’re not going to do jail for you. What’s concerning is the nature of this warrant and arrest. As far as I can tell all the articles haven’t mentioned any actual crimes; is France just straight up arresting climate activists now?

For secure communications it’s much better to use Signal than e-mail. (Preferably with disappearing messages.)<p>I understand that people desire the UX of an e-mail client such as Thunderbird, Mail.app, Gmail or whatever. Nothing wrong with wanting that. But there is currently no good way to send e-mail securely.

It‘s really tiresome how it‘s become the normal to market all kind of fantasy interpretations of your value proposition and banish all nuance to legalese documents. ProtonMail has enough to justify itself, it doesn‘t need all the over the top claims of Swissness or blunt statements about privacy that are only half truths. They could also do without their spintastic, content marketing blog.

This is not surprising to me. I will still continue to use ProtonMail. I never signed up because of the &quot;no IP logging&quot; thing. In fact, if I had seen it before I just plain wouldn&#x27;t have believed it, and still used ProtonMail. But hindsight is 20&#x2F;20

I think as an EU citizen you have more privacy on yandex.ru than PM. Russian authorities are unlikely to collaborate with French one for instance

Recent and related:<p><i>Clarifications regarding arrest of climate activist</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=28433601" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=28433601</a> - Sept 2021 (273 comments)<p><i>ProtonMail logged IP address of French activist after order by Swiss authorities</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=28433131" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=28433131</a> - Sept 2021 (155 comments)<p><i>Climate activist arrested after ProtonMail provided his IP address</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=28427259" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=28427259</a> - Sept 2021 (565 comments)

So they &quot;don&#x27;t log your IP&quot;, until the first time someone challenged that statement. Talk is cheap.

Maybe I missed it in all the kerfuffle, but what was the crime that was allegedly committed by the French climate activist that required ProtonVPN to comply with this request for IP information?

ProtonMail has been fraught with problems for a long time, and it&#x27;s good that serious issues are being brought to light. Their marketing is very good and critics of them have struggled to communicate to users for a while.<p>The most important thing a serious privacy-minded service provider can do is be <i>forthright</i> and <i>honest</i> with users about the limitations of their privacy guarantees, particularly with respect to what hinges on math and what hinges on trust. ProtonMail has failed in this respect. It has always been the case, for example, that they could log these IPs, or that any incoming plaintext emails can be recorded before being encrypted at rest - and the fact that they&#x27;re encrypted at rest is another thing we have to take on faith. Their proprietary components have always been a problem, and we also trust that they won&#x27;t silently add key exfiltration to their webmail UI on the demands of a court. They don&#x27;t explain any of this, they just pose themselves as experts on privacy and let vulnerable users stumble into law enforcement&#x27;s hands because they care about their money more than their security.<p>Good privacy systems do not rely on trust or faith, they rely on math. Where some trust is required, in the case of a commercial service provider, it is their solemn duty to be honest with users and explain to them what promises they can and cannot make, and to make sure users understand which of these claims are backed up by math, which are backed up by law, and which are backed up with thoughts and prayers, so that these users can make informed decisions about how they use a service they&#x27;re relying on for <i>their personal liberty</i>.

My day to day life is pretty boring, but occasionally I&#x27;ll imagine what I would need to do if I ever had to get out a secret message out where it was important that it couldn&#x27;t be traced back to me.<p>It always ends up being something like, &quot;Well, I could buy a bunch of raspberry PIs with cash and then go to a coffee shop that I never go to and upload the message to a gmail account that I&#x27;ll only ever use once. Throw the PI away afterwards in a random trash can in town and make sure to wear gloves every time I touch it. Finally use some sort of encryption scheme or something so I can identify myself for repeated correspondences because each time will be with a different one shot email account.&quot;<p>It turns out that this isn&#x27;t some fanciful paranoia, but is in fact the bare minimum of what I should be doing if something like that ever came up.

I think a distinction must be made between a service that will protect your privacy historically and a service that will continuously protect your privacy.<p>If I sign up with protonmail today using a vpn like mullwad, since I&#x27;m probably not currently be targeted, I can reasonably be sure that it will be difficult to track things back to me.<p>However, once I&#x27;m targeted and there&#x27;s a warrant against me, any activity I have on such services is going to be logged going forward.<p>So, using the service once to receive some data or do something anonymously is reasonably secure... This is very different from services like gmail which will have kept any logs in the past about me and that will always be able to track me without any further logging.<p>It&#x27;s imperfect but I think that given the current environment and the current laws, this might be the best we can have.

Wasn&#x27;t this a form of fraud? I don&#x27;t know what the Swiss law is but in the United States, fraud is both a civil tort and criminal wrong. The elements of a fraud are:<p><pre><code> 1) the making of a statement 2) the falsity of the statement 3) an intent to deceive 4) reasonable reliance on the statement by the injured party 5) injury sustained as the result of the reliance </code></pre> ProtonMail knowingly told this activist &#x27;we don&#x27;t log your IP&#x27; in order to attract their business. ProtonMail did log the IP address. The activist believed this and got arrested.

Anyone have feedback on this <a href="https:&#x2F;&#x2F;ctemplar.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;ctemplar.com&#x2F;</a> ?<p>I get a sense to move along, but it still seems interesting. It is, or was, based in Iceland.

it seems like ProtonMail should collaborate with Lavabit to see if it&#x27;s feasible to implement darkmail (DMTP&#x2F;DMAP protocols) in production<p><a href="http:&#x2F;&#x2F;darkmail.info&#x2F;" rel="nofollow">http:&#x2F;&#x2F;darkmail.info&#x2F;</a><p><a href="https:&#x2F;&#x2F;protonmail.com&#x2F;blog&#x2F;protonmail-beta-v1-13-release-notes&#x2F;#comment-7320" rel="nofollow">https:&#x2F;&#x2F;protonmail.com&#x2F;blog&#x2F;protonmail-beta-v1-13-release-no...</a><p><a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=TWzvXaxR6us" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=TWzvXaxR6us</a>

ProtonMail has an official TOR page, there hardly is a reason for those performing activities illegal under relevant jurisdictions (I support the notion of illegal non necessarily being evil - in many countries many good things like fighting corruption, loving a same-sex partner or responsibly using psychoactive substances for genuine medical reasons can be illegal) to use it the way exposing their actual IP address.<p>I also don&#x27;t understand why does ProtonMail record the device type - I doubt there is a law requiring this.

If they really cared about anonymity ProtonMail would ship their mobile app with bundled TOR. Especially the mobile version, since plenty of non-tech savy people use mobile only.

I am no lawyer, but there are over 180 countries in the world, and there is not one that will let you open a company that don&#x27;t have to log user IP addresses? I call this complete BS. Protonmail has just become one of those providers that is only about making money and is probably getting money kickbacks from law enforcement under the form of legal processing fees or even something else, who knows..., really sad...

The homepage has always been misleading, since their TOS does mention that they can keep your IP address, for law-related purposes or spam prevention. Additionally, once they receive a request from Swiss police, they _have_ to comply and log those addresses. You can fight tooth and nail and pretend that your entire service is built to never see any IP, but in the end, you will still be made to log it.<p>Welcome to reality.

Similar to Apple, Protonmail seems poised to redefine privacy as &quot;privacy from advertisers&quot; rather than &quot;privacy from us too&quot;.<p>I for one am now only using Protonmail through Tor. Recommend Brave users enable &quot;Automatically redirect .onion sites&quot;. If a site has an onion service, it will automatically redirect in case you forget.

ProtonMail is my main e-mail, so I am positively biased in their favor.<p>I think their advertising copy about not logging IP addresses was poorly done, but their service is private enough for me. It probably doesn’t much matter or make much difference, but I feel OK with using their service, and tweaking my account settings for Google and Apple to the minimum amount of data retention.<p>I feel that people who let corporations easily have all of their data put themselves at a disadvantage when it comes to any interaction between yourself and any large company (insurance, retail, etc.). Governments will always have our private information so the real purpose of privacy is economic value.<p>Imagine playing poker with your friends and you had to have your cards face up on the table and they could keep their cards hidden from you. In this example, your friends are corporations.<p>EDIT: Carissa Véliz, author of Privacy is Power, was interviewed recently on the ProtonMail blog, and I think the interview does a good job of summarizing her excellent book: <a href="https:&#x2F;&#x2F;protonmail.com&#x2F;blog&#x2F;carissa-veliz-data-privacy&#x2F;" rel="nofollow">https:&#x2F;&#x2F;protonmail.com&#x2F;blog&#x2F;carissa-veliz-data-privacy&#x2F;</a>

The obvious questions being a) Why do they sell vpn ?, and b) Why is the web-email client not routed over vpn if it has any value whatsoever?<p>If they route all email over vpn, do they have to disclose the enduser&#x27;s ip ? If so, how do they avoid that with standalone vpn ?

It is not the first time this company finds itself in the center of an international scandal.<p>It has proven multiple times that privacy and security are not something they really care about.<p>I wonder what else should happen for everyone to completely lose trust in this scam.

My trust in them had been broken as soon as they asked me to honour a bill when my vpn subscription ended, instead of notifying me to renew. Respectable companies don&#x27;t use such asshole design&#x2F;wording. They&#x27;re a fraud.

So they lied ... not surprising companies promise things just to betray their customers in a second. I still remember when Facebook won the social media war by promising to never allow advertisement.

The line is thin between privacy and anonymizing criminal activity.

Listen, don&#x27;t do crime through email.

Seems like another good reason to not trust anyone&#x27;s words and protect yourself using good OPSEC.

I&#x27;m glad that they are at least removing that fallacy and people can&#x27;t quote it any longer.

Thanks for clarifying, Proton Mail. And also, good bye. I&#x27;ll be canceling my accounts today.

question... why did they have this information readily available for them? couldn&#x27;t they not retain logs and delete this sort of information right away? is there some legal aspect that makes them have to retain it for a certain amount of time or something?

i know there are some Protonmail guys reading this thread... people choose your service exactly for this very same reason, good luck trying to regain people trust

How do you say &#x27;honeytrap&#x27; in Swiss?

Honeypot always was a honeypot

Use TOR and onion services.

Privacy weenies are the most easily defrauded people I&#x27;ve ever come across.

Oh, boy.

Well, at least they own their mistakes and change accordingly.<p>All email is shit. Nothing is encrypted and many company&#x27;s simply try to sell you on better productivity (hey.com). Already having my email be encrypted so that the host can&#x27;t read it is a step forward, in my opinion.

For those who love Swiss &quot;privacy&quot; and security they should read about the CIA front-company from Switzerland for secure encrypted communications:<p><a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Crypto_AG" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Crypto_AG</a><p>And remember Mark Twain: “History Doesn&#x27;t Repeat Itself, but It Often Rhymes”

What a douchebag company honestly. Their marketing is absolutely evil. Changing the headline does not cut it, they need to fire people responsible for that outright lie.<p>After a dude gets arrested, they’re like: oh, we were talking about advertisers! Who did you think?<p>What a trash team.<p>Proton mail ==

I can&#x27;t imagine running an internet based service and <i>not</i> logging IP addresses. How else do you debug issues or isolate malicious users, etc. Does anyone think it&#x27;s realistic (or even responsible) to not log basic info?<p>I don&#x27;t use PM, but it seems their product is end to end email encryption, not complete web anonymity. Maybe those wanting to add anonymity should access it via tor (if PM allows it).

Can&#x27;t wait for the &quot;sorry we got caught&quot; statement

For such a stupid thing too. I&#x27;m surprised Switzerland provided a warrant for a climate activist.

It has been admitted. So they DO log your IP address when you use their service. So their customers have been lied to and have their privacy at risk. They cannot be trusted.<p>So how long have ProtonMail kept this massive lie from its users then?

This is just ridiculous.. If they receive a notice to log your IP address, they should notify you first. My trust in ProtonMail is gone.

If people are unhappy about Protonmail I suggest they try find an email provider that is impervious to any judicial requests. Of any country.<p>It is naive to imagine companies that have an address and take payments can ignore judicial decisions.<p>Yes there&#x27;s a point about fighting decisions, but as people say &quot;we live in a society&quot;.