Kottonballs I've tried to find proof of Proton turning on logging for a user but can't seem to find anything.

French police arrested a climate activist in September 2021. Proton were legally compelled to turn over data related to the IP address certain emails were sent from, and the IP address was useful in engineering the arrest. My understanding is it was just simple internet traffic logs that were turned over (they didn't break encryption on the emails or anything like that). Legally, Proton had no way out of it and no option to appeal the request. If they tried to illegally conceal the data, they would have been shut down, and Proton employees would have been arrested.

Proton CEO Andy Yen responded to the event in a blog post here: https://proton.me/blog/climate-activist-arrest

I think an important thing to note is the whole thing would have been made impossible if the user had simply connected with Tor or a VPN to send their emails. Proton even offers an onion site (https://proton.me/tor) for anonymous access--very uncommon for an email provider--which is a resource this person obviously did not take advantage of.

This is basically a case of user error. Considering they were under criminal investigation, they were frankly a bit careless. It seems unfair to blame the email provider when a user cannot take even the most rudimentary precautions to protect their anonymity.

      BluishHumility

      Another point to make is to distinguish between a "privacy focused" service, and a "bulletproof" service.
      Proton has always said that they will comply with the laws.

      There are services that say they will not... and they don't last very long. They inevitable attract the worst criminals, and get infiltrated/raided/seized/shutdown.

        itsjpb It's only recorded they share logs for active criminal cases, not normies.

        It doesn't matter. They gave up customer data. What is the point of having VPN then if they sell your data. Maybe we are safer with our isp

            BluishHumility French police arrested a climate activist in September 2021

            I still can't wrap my head around of what does France have with Switzerland... How does France have authority in Switzerland

                dlb they went through the Swiss courts and won. As another said, if the user used vpn, they would have not been found.

                    chuck if the user used vpn

                    I think you meant Tor

                    dlb what does France have with Switzerland

                    I think Swiss courts only allowed it because a Swiss law was broken. Not sure which.

                    dlb What is the point of having VPN then if they sell your data.

                    Not sold. Big distinction.
                    Selling data for profit is why so many privacy advocates hate Google.
                    Complying with local laws is still expected of privacy focused services.

                    If Proton were to start breaking the law to keep customers shielded, I'd leave. Because it won't last long and I'd expect LE to start infiltrating, spying and raiding.

                            dlb It doesn't matter. They gave up customer data. What is the point of having VPN then if they sell your data.

                            Proton didn't sell anyone's data, nor was this case related to their VPN service to begin with. You are letting the facts get away from you.

                            Graphite chuck if the user used vpn

                            I think you meant Tor

                            According to Andy Yen's blog post (which is worth a read if you haven't yet), either would have sufficed perfectly fine. If Proton turned over an IP address for the emails that lead to a no-logs VPN, that would have been the end of the trail. Even if the user connected with Proton's own free VPN service, that would have sufficiently obfuscated their traffic because the IP address doesn't lead anywhere (under current Swiss law, email and VPN are treated differently, and Proton VPN cannot be compelled to log user data.)

                            Graphite If Proton were to start breaking the law to keep customers shielded, I'd leave. Because it won't last long and I'd expect LE to start infiltrating, spying and raiding.

                            I think this is right. For people who can be bothered to use the resources correctly, what Proton offers is an amazing contribution to the privacy rights movement. To sacrifice all of that infrastructure and tooling just to take a bullet for someone who was careless or ignorant with how they were using the services does not seem right. It's unfair to everyone who is being cautious and using the tools correctly.

                                    After carefully reading all about proton and mulvad. And with help of your comments. I have decided that proton is better suitable for me.
                                    It is a little bit more user friendly than Mulvad, and accepts also cash payments.
                                    And has more features that comes with subscription.

                                    Security and privacy wise I think there is not much difference between the two.

                                    Yes proton has gave this IP address, but who can tell for sure that Mulvad didn't secretly..

                                    As mentioned many times in this forum user is the weakest link in this story.

                                    Thanks to all for the help

                                    I use Mullvad, not as much to hide my identy, but to avoid trackers and ads. Mullvad has a good adblocker-trackerblocker dns included in their service, so i don't need to use any adblockapp, what is convenient.

                                    For those who want to buy anonymous, but don't want to handle with crypto currency's, you can buy 6-month scratch cards on Amazon. I used one month to see if it's good, paid with credit card. When i decided to use it regularly, i simply deleted the app, bought a scratch card from Amazon and generated a new user account. For the account they don't need any personal information, it's just a random number you write down and you can add payments to these, like explained on their website.

                                    Mullvad works good so far, they deliver what they offer. Using a vpn doesn't make you invisible for all instances, but it does what is possible for the idea behind a vpn.

                                    The speeds are mostly fast, i didn't find a website not working with them. Though they are mostly blocklisted by streaming providers, but i don't use them for that.

                                    BluishHumility exactly this. Following the actual Swiss law, they can't ask providers to log VPN data, only email ips. So using both Proton VPN and Mail, they can't reveal IPs. As simple and profound as that.

                                      I'm not sure about Mullvad, but ProtonVPN offers Wireguard config files. I consider that as a huge benefit because for most VPNs, the native app drains the battery too quickly. Also Wireguard is generally more convenient for switching between different providers.

                                      Another thing to consider is ad blocking. Proton offers ad blocking settings so you don't need to install any blockers on your device. I find that useful for Vanadium browser since it doesn't block ads natively yet.

                                        roddyd I'm not sure about Mullvad, but ProtonVPN offers Wireguard config files. I consider that as a huge benefit because for most VPNs, the native app drains the battery too quickly. Also Wireguard is generally more convenient for switching between different providers.

                                        But Android does not support WireGuard - wouldn't you need to still use yet another client app for WireGuard?

                                            f13a-6c3a

                                            f13a-6c3a Yes, I use the third party Wireguard app. It's very barebones and just provides "switches" for each VPN you set up. The benefit is that it has a lot less background tasks and saves power.

                                                  roddyd I've used WG original client in the past during troubleshooting calling issues while on VPN but not in lieu of Proton app for continuous use. Now I'm intrigued and will give it another try

                                                    roddyd Yes, I use the third party Wireguard app

                                                    Hello, could you please provide more info on what app do you use for wireguard

                                                        roddyd I'm not sure about Mullvad, but ProtonVPN offers Wireguard config files.

                                                        This is also the case for Mullvad. I use on my laptop the Wireguard configuration files. On my phone, I use the Mullvad app that supports and use Wireguard by default.

                                                        roddyd Another thing to consider is ad blocking. Proton offers ad blocking settings so you don't need to install any blockers on your device

                                                        This is also the case for Mullvad, although it might be less user friendly at the moment: you have to manually input in the Advanced settings of the Mullvad app their DNS server address that blocks ad and/or malware domains. They plan to implement this functionality natively in a future update of the Android app.

                                                            nosferatu

                                                            Interesting case. I think the Swiss authorities definitely were in their rights to assist in investigating this assassination threat. Mullvad would have complied with this too.
                                                            The indictment shows very disturbing content: https://www.justice.gov/usao-md/press-release/file/1416926/download

                                                            I don't know why people are assuming "privacy" == "shielded from the law".
                                                            A very important note: The crime doesn't have to be committed in Switzerland or involve Swiss persons. It just needs to be something that is illegal in Switzerland. So you're safe from laws of your home country if it's legal in Switzerland.