Privacy

31957 readers

519 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Proton Mail Discloses User Data Leading to Arrest in Spain (restoreprivacy.com)

submitted 6 months ago by [email protected] to c/[email protected]

44 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 3 points 6 months ago* (last edited 6 months ago) (4 children)

No company is going to legally go to bat for you for $10/mo. I love how Proton nonchalantly calls out the user's dumb move in the article:

Proton provides privacy by default and not anonymity by default because anonymity requires certain user actions to ensure proper OpSec, such as not adding your Apple account as an optional recovery method. Note, Proton does not require adding a recovery address as this information can in theory be turned over under Swiss court order...

[–] [email protected] 2 points 6 months ago

It is worth noting though, that Proton doesn't allow you to use certain domains for recovery addresses. Admittedly this was awhile ago and maybe things have changed there but when I first joined Proton they wouldn't allow me to set a duck.com or simplelogin.com or addy.io address as a recovery email.

Obviously using an apple ID is stupid but Proton could make more of an effort too.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

At any point in the process, does it warn you about setting up recovery with personal email addresses?

Feels like with as much as Proton advertises nowadays as a privacy protecting service, they need to be taking into consideration that a lot of their customers now are going to be average users who don't know anything about proper OpSec. They should be much clearer about what things they can't protect you from.

It shouldn't be in a press release like this, they should be explaining the difference between privacy and anonymity to the customer. It's not like their marketing team isn't aware of the fact most people don't know any better.

It's in their best interests, too, because it doesn't matter how many times you say "we provide privacy not anonymity", the headlines are a bad look.

[–] [email protected] 1 points 6 months ago (1 children)

Proton does require a recovery email address if you sign up to a mail forwarding service or similar, right after creating the account. In that case the account remains locked if you don’t, so that’s just a lie

[–] [email protected] 2 points 6 months ago

In the article it says that that's a one-time verification address. Though that leaves the question if/how long it's stored

[–] [email protected] 0 points 6 months ago (1 children)

What would be a more appropriate email address to use - or just no recovery email?

[–] [email protected] 1 points 6 months ago

It's best for anonymity to not use one at all. Proton provides a recovery key to allow access to your account if you manage to lock yourself out. Keep that key somewhere safe/secure.