this post was submitted on 08 Mar 2026
548 points (97.1% liked)

Privacy

5325 readers
227 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 1 year ago
MODERATORS
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
548
The informed choice (discuss.tchncs.de)
submitted 1 day ago by cronenthal@discuss.tchncs.de to c/privacy@lemmy.dbzer0.com
63 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] lambalicious -5 points 1 day ago (2 children)

Proton is known to unmask paying customers to agencies like the FBI, just so you know.

[–] redpulpo@lemmy.world 2 points 17 hours ago

That’s a misleading way to frame it. Proton doesn’t “unmask customers for the FBI.” They respond to legal requests through Swiss authorities, like any company operating under a jurisdiction.

And in the reported cases what was provided was account or payment metadata, not decrypted email content. If someone ties their real identity to an account through payments, no provider can magically make that anonymous.

A good comparison is Mullvad VPN. When Swedish police searched their offices in 2023, they left empty-handed because Mullvad doesn’t keep user identities and accounts aren’t tied to emails. If a user registers without identifiable payment, there simply isn’t much data to hand over.

The real issue isn’t “betrayal,” it’s what data exists in the first place.

[–] zarkanian@sh.itjust.works 5 points 1 day ago (1 children)

No, lol. That would have to go through a Swiss court first. Also, the only info the FBI is going to get is "Yes, this person is a ProtonVPN customer." Your data is end-to-end encrypted, so Proton cannot decrypt it.

[–] lambalicious -3 points 1 day ago (2 children)

Check the news. Proton literally unmasked the identity of a paying customer to the FBI. Delivering someone's identity is as bad if not worse than delivering messages: at that point it matters not if your data is encrypted because now the FBI can target you for $5-wrench torture.

[–] redpulpo@lemmy.world 3 points 17 hours ago

The reporting doesn’t say Proton “literally unmasked a user to the FBI.” What happened is that Proton was legally compelled by Swiss authorities to provide payment data they already had, and those authorities later shared it with the FBI through a legal assistance treaty.

The email content remained encrypted. What identified the user was the credit-card payment tied to the account, which is inherently traceable.

The uncomfortable reality is that people often deanonymize themselves: they create accounts without Tor, pay with identifiable cards, and link real-world data to the account. At that point the provider doesn’t need to “break” anything — the identifying information already exists.

[–] DownByLaw@sh.itjust.works 8 points 1 day ago (1 children)

Half true.

This post is about VPN. And Proton VPN is still safe.

Your info/news is on Proton Mail. In this case Proton was legally obliged (Swiss law) to give out identifying data for the owner of a known email address. The owner used a credit card and they had to give up the credit card info. The content and communications inside their email account is still private and was not given out. If they had used cash or crypto for paying, proton might have had no information to give out to the authorities. And again, they were obliged by law.

[–] lambalicious -3 points 1 day ago (2 children)

And again, they were obliged by law.

If the only defense a company has for giving away information about (paying!) customers to an agency of a fascist country known for disappearing people is "I was just obeying orders!", may I remind you of the Nuremberg Trials. But, well, I guess there's nothing better to expect from Proton on that end. The Swiss were, after all, well-known for taking all that Nazi gold without any complaints.

Just follow orders, like a good soldier.

[–] WhyJiffie@sh.itjust.works 2 points 1 day ago (1 children)

why, what should have they done? close shop and go to jail for not complying?

you have unrealistic expectations. if you are high risk, you should only access their services over their onion site and only pay in crypto or gift cards. they give all the tools one needs to stay truly anonymous.

[–] lambalicious -1 points 17 hours ago (1 children)

why, what should have they done?

In the least, fight it more in court. Isn't that the entire point of the thing, to keep things looping around via lawyers? Maybe notify the user beforehand, as well.

In the most, not have hosted that data in the first place. No need to keep subscription data if you implement one-time lifetime plans, for example.

[–] WhyJiffie@sh.itjust.works 1 points 16 hours ago

In the least, fight it more in court. Isn't that the entire point of the thing, to keep things looping around via lawyers?

that can be done in questionable cases, but not all is like that. often the law is very clear about what do they need to comply with, isn't it?

Maybe notify the user beforehand, as well.

I am not a lawyer but I doubt they are allowed to do that

No need to keep subscription data if you implement one-time lifetime plans, for example.

as I said in my previous comment, they accept payments in crypto. but I think they also accept payments in cash over mail

[–] Luminous5481@anarchist.nexus 2 points 1 day ago

Are you OK? You didn't hurt yourself with that ridiculous stretch, did you?