this post was submitted on 22 Dec 2025
298 points (92.6% liked)

Privacy

3182 readers
401 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
298
Proton has handed over 32,076 users' data to governments since 2017. Their own transparency report states a 94% compliance rate in 2024. (infosec.pub)
submitted 2 days ago by cm0002@infosec.pub to c/privacy@programming.dev
131 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] moderatecentrist@feddit.uk -3 points 5 hours ago (2 children)

This view might be controversial but here goes. If someone is suspected of a major crime (rape, serious assault, murder, major theft), maybe it's okay for law enforcement to gain access to that person's online accounts.

People might say "but if the government has the power to do that, one day they could do it to you, or they could use those powers to oppress anybody who criticises the government". But isn't that like saying "if you build prisons then one day an authoritarian government might put any critic of the government in those prisons"?

[–] Pollo_Jack@lemmy.world 1 points 58 minutes ago

It should be at the companies discretion. Convince a company, that can be held liable, that you actually got something worth breaking the rules for.

[–] uncouple9831@lemmy.zip 3 points 3 hours ago* (last edited 3 hours ago)

I don't disagree in concept but the problem is governments already are the bad guys. We know the US has contracted with another government to torture citizens of third countries. We know the UK is going to charge Greta with terrorism charges because she held up a sign in an annoying way. We know Germany has lost the fight vs Nazis, again. The bad part is already here.

In proton's case it's more insulting because their whole marketing schtick is fake privacy. Private email but only if everyone you know is on the same service and even the only the body of the email is private. Private vpn event though vpns don't do much for privacy unless the privacy you want is your isp to not know you're torrenting tentacle porn. They've added some other things lately that seem actually private but they were so late to the game it hardly matters.

[–] ZoteTheMighty@lemmy.zip 36 points 19 hours ago

Um...obviously, yeah? The alternative to complying with the authorities is to challenge it in court, which is extremely expensive. The important question is not how much information they do hand over, but how much information they have themselves. For example, if your keys are private, proton has nothing useful to share. This is why end-to-end encryption matters, the only avenue to real privacy is to make sure Proton has nothing useful to share. They're not going to host their servers on international waters.

[–] muusemuuse@sh.itjust.works 34 points 1 day ago (11 children)

I using proton more as a middle finger to google than anything else and at that it works fine.

[–] uncouple9831@lemmy.zip 2 points 3 hours ago

Posteo has nice fingers

load more comments (10 replies)
[–] sam@break3.social 6 points 1 day ago (9 children)

Yeah this isn't good at all especially when they market themselves as secure but just have full access to all the data.

There's gotta be something out there better than these crappy systems ready to throw you under a bus under barely any pressure.

load more comments (9 replies)
[–] commander@lemmy.world 37 points 1 day ago (1 children)

Proton threads are where the leftists equivalents to sovereign citizens pop up. Learn the technology a bit and about legal systems. That's what you have to operate within. If you want to feel more in control, encrypt everything yourself and only communicate/share in encrypted channels. At least then the primary sources of leaks is you and the receiver. If not, you're whining about streamlined performant services that will never be perfect enough for your standards because they operate legally rather than the user unfriendly solutions that you aren't willing to operate yourself for your life (maybe to be passed on) and/or won't run/can't afford to operate the illegal operation

[–] IceFoxX@lemmy.world 6 points 1 day ago

However, if it is protected by law... and the law changes over time and then, mysteriously, logs appear in the past, then it has absolutely nothing to do with the law. Rather, it means that lies were told for years beforehand.

[–] RalfWausE@feddit.org 14 points 1 day ago (1 children)

If you want encrypted mail, go the GnuPG route, everything else is only cosplaying security.

[–] Mikina@programming.dev 13 points 1 day ago

This holds true for any kind of secure communication you want to do.

Manually handling keys and encryption with GPG is the core of good opsec, and also a reason why 99% of "crime prevention" backdoors are probably not going to do much. But people are lazy, been a while since I saw a drug dealer hand out public GPG keys, ever since Telegram and the like got popular.

[–] lka1988@lemmy.dbzer0.com 191 points 2 days ago (27 children)

Once again - Proton is legally obligated to comply with the laws of the country in which they are based. This isn't specific to Proton, and they are not going behind your back to do this. In case it's not clear, this data is directly from Proton.

load more comments (27 replies)
load more comments
view more: next ›