Proton Mail's handover of activist data reveals the limits of encryption.


Proton AG, the Swiss company behind Proton Mail, the popular encrypted email service, came under fire in April for complying with Spanish police requests for information about one of its users, a Catalan independence activist.

It's clear why that was a controversial move. It makes a bad impression when “good people” are “sold out” by a company that promises to protect privacy. But if you're angry at Proton for complying with legal requests, you need to reevaluate your illusions about privacy technology.

We all love cryptography and its associated ideas. But encryption is not a panacea, and the more encryption we do, the more metadata issues arise. When it comes to privacy, metadata is an exercise in minimization – but centralized services have an inherent limit to how small they can make their metadata collections.

Proton has done an amazing job of restricting its access to user metadata. If anything, they should be patted on the back for building a system where a recovery email is all they have to offer. (In this case, the company provided the user's recovery email address, which led the police to their Apple account.) Instead, they were bombarded online with “unsubscribe” buttons and obnoxious headlines that begin with “Is Proton…” and end with question marks.

Platonic privacy technology

The fantasy goes like this: a privacy company receives a formal legal request from the authorities, the privacy company rebuffs the authorities, the privacy company delivers news of victory to its fans. This fantasy has reared its head several times, including in another Proton Mail case a few years ago.

But the illusion is insidious and self-destructive.

If Proton goes this route, they will quickly face legal pressure that would sunset the entire company – and then we'll be down to just a handful of encrypted email providers. That's not a beneficial outcome for Proton, Proton users, or privacy in general.

Freedom Tech editor SethForPrivacy defended Proton Mail in a post on X, writing that Proton's architecture is “proven” to “reduce the amount of data they have on any given user.”

Proton is well aware of this, which is why in 2023 alone they complied with nearly 6,000 legal requests. Once the shock of the news wore off and voices like SethForPrivacy weighed in, many people accepted that the outrage wasn't really warranted or worthwhile.

Blaming opsec is a cop-out

As the story goes, Proton's defenders say the user could only be identified in this case because an opt-in recovery email was provided. On that telling it is, of course, the activist's fault for poor operational security (opsec) – but this is just another iteration of the ineffective blame game.

We can't just end this story by saying, ‘Well, you should have had better opsec.’

The real question is: Can we do better?

Encryption is our starting point. We must use it, argue for it, protect it. Proton has this, along with a small set of metadata, so we've got a good base to work with here.

A smart tip on this is to access Proton via VPN/Tor (preferably not ProtonVPN) and subscribe using crypto. This message has been widely circulated in the past two weeks – but it is not new advice, and we are still seeing cases like that of our Catalan activist. Services that depend on users hardening things manually leave people behind, and sometimes those are the very at-risk people we're trying to protect.

In the Catalan case, the pieces of the puzzle needed to identify the activist were an email address from an E2EE messaging app, a recovery email provided by a secure email service, and an iCloud email account. These are small mistakes that anyone can make, but together they create a metadata breadcrumb trail that can be followed with relative ease.

The ability of decentralization to limit metadata collection

Our goal should be to create tools that are robust out of the box and to ensure that options carrying privacy risk are clearly defined as such.

Perhaps decentralizing parts of the system will help us take things a step further than Proton. Decentralization is an important way to reduce the amount of data a centralized company needs in order to run properly and provide a service.

One example is building applications on decentralized networks that can store or process the data needed for a service. For an email service, that means storing and transmitting the message, including sensitive metadata like subject lines and mail timestamps. That decentralized network layer can also use advanced privacy protection techniques such as onion routing. This way the user's IP address is better protected even if they are not using a VPN. Some such networks already exist, like Tor, but we also have similar networks, like the Nym mixnet, that are secured and powered by blockchain.

Networks such as Nym can potentially be generalized to many data routing needs, and often provide software development kits (SDKs) for integration with third-party applications. Mixnets are very slow, so this might not be a good solution for instant messaging or meeting services, but for email it might work.

The storage side of things is more complicated. Application-specific networks, like the Session Network (which is used by the messaging app I work on), offer temporary message storage in a decentralized way, but that does not suit email, which for many people is a de facto archive.

This limitation, combined with spam filters and email mafias, may apply to top-down decentralized email services – although it doesn't stop people from trying – but it certainly doesn't apply to other communication tools such as messaging, video and audio conferencing, and group communication platforms (such as Slack and Discord).

In the end, the legal requests will keep coming – and companies will keep complying. That's the way it should be. But in situations where safety and security are critical, purposeful decentralization can provide much-needed additional protection for vulnerable people.

Proton, people are already designing and building solutions that could be useful for you and your users. We can help. All you have to do is call (or, I guess, send an email).

Alexander Linton is the director of the encrypted messaging app Session and the non-profit OPTF. He received his BA in Journalism from RMIT University before attending graduate school at the University of Melbourne.

This article is for general information purposes and is not intended to be, and should not be construed as, legal or investment advice. The views, ideas and opinions expressed herein are solely those of the author and do not necessarily represent the views and opinions of Cointelegraph.
