this post was submitted on 09 May 2024
114 points (84.3% liked)

Privacy

32156 readers
854 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

By the way, the earlier posted article https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain had an update starting at the paragraph with title Update: Statement from Proton and additional commentary

all 43 comments
sorted by: hot top controversial new old
[–] [email protected] 91 points 6 months ago (3 children)

"helped" is very misleading. Companies can't refuse to provide information they have when served a search warrant / court order. These companies DID NOT choose to provide the info on their own.

[–] [email protected] 21 points 6 months ago* (last edited 6 months ago)

Yep, which I think is why it's more important to see what data is being collected and stored, rather than giving up data based on how trustworthy an entity seems

If the tool doesn't collect or log the data to begin with, then there's nothing that can be stolen/taken/demanded

The solution in this case might be for Proton (and the other companies) to list out risks and data collection information along the way.

We need X in order to do Y. Read more on how Y works. Now here are some risks, and how to avoid them:

[–] [email protected] 41 points 6 months ago

Obligatory reminder:

Email is not a secure medium! If you need truly secure and/or anonymous communications, DON'T USE EMAIL!

Use a platform/protocol designed from the ground up for those things!

[–] [email protected] 11 points 6 months ago (2 children)

“Proton does not require a recovery address, but in this case the terror suspect added one on their own. We cannot encrypt this data as we need to be able to send an email to that address if the terror suspect wishes to initiate the recovery process,..."

I love that proton kept referring to the user as the "terror suspect" repeatedly so we would know they're really the good guy here.

[–] [email protected] 5 points 6 months ago (1 children)

Exactly. What makes this a bit complicated and maybe interesting from a historical point of view is that this is about Spain. A country which has been very slow with removing some of the "relics" from the fascist Franco era (Franco died in 1975) and at the same time having regions that long for independence like Basque country and Catalunya (and the post topic is related to that, Catalunya aiming for independence). Since the Twin Towers attacks in 2001 the words "terror suspect" and "terrorists" have been used much more often (also by ordinary "normies" people that I knew) and maybe not always rightly so.

[–] [email protected] 2 points 6 months ago (1 children)

Thanks very much for the clarification to the context, I really appreciate it as someone who had no idea.

[–] [email protected] 3 points 6 months ago

You're welcome.

[–] [email protected] 4 points 6 months ago

Well it was anti terror laws that were invoked..

[–] homesweethomeMrL 6 points 6 months ago

If you sign up for a service using real information that can be traced to you (as in this case: home address, personal email) and then do illegal* things with the account, don’t.

The * here is that what the alleged protester allegedly did or said is irrelevant. And the article is pretty clickbaity, unless the author was unaware of how online accounts work.

[–] [email protected] 6 points 6 months ago (1 children)

Why has proton written somewhere exactly what data can be handed over to police? if there is, they need to be promoting this information more

[–] [email protected] 10 points 6 months ago

https://proton.me/legal/law-enforcement

They never said they will fight law enforcement, this is the 1000th time this happens.

[–] [email protected] 3 points 6 months ago

OpSec fail, never ever use any personal info when you are dealing with something you don't want to be indentified for, it include obviously recovery emails, usernames and passwords.

[–] [email protected] 1 points 6 months ago

Do not trust companies.