ProtonMail, an end-to-end encrypted email service based in Switzerland, has turned over a French climate activist’s IP address and browser fingerprint to the Swiss authorities. This action of the email service has appeared to be in contrast with their privacy-focused guidelines, which states that they do not keep any IP logs by default.
After the email service surrenders the metadata of the activist to the Swiss authorities, ProtonMail has proceeded to remove the section in their policies which states the promise of not keeping any IP logs by default and replacing it with respecting the privacy and putting people first – not advertisers.
ProtonMail’s original policy gets changed due to compliance with the law
As a Swiss company, it was an obligation for ProtonMail to abide by the demand of the Swiss court. From their original policy that says IP logs are not kept by default, the email service now begins to log IP addresses and browser fingerprints for a specific account under ProtonMail.
The said account was under the name of a Parisian chapter of Youth for Climate, which is defined being a Greta Thunberg-inspired movement concentrating on students who cut their classes to appear in local protests.
To appeal the Swiss demand in logging the IP address of that specific account has been unattainable, as said by ProtonMail from their statements issued last Monday. To put in detail, the case cannot be appealed because Swiss law had been disobeyed and that some ‘legal tools for serious crimes’ were utilized. These said tools seem inappropriate concerning the current case. However, they are required to be complied with in legal matters.
Tor Browser being encouraged to be utilized by ProtonMail
ProtonMail has encouraged activists to use the Tor network or browser while executing online protests interactions. This is an addition to their action of removing the misleading ‘by default’ policy. From the front page of ProtonMail’s website, a new “Your Data, Your Rules” section will appear and is linked to another landing page that accumulates information about the utilization of the Tor network or browser in accessing ProtonMail.
Hiding the users’ IP addresses may not be legally done by ProtonMail. But using Tor in accessing their site, they might have found the solution to this problem for their users to still relish their service.
Even though users’ IP addresses and browsing fingerprints may now be collected by the Swiss authorities, ProtonMail highlighted that they assure the privacy of email contents and are safe against a breach. Since the email service uses end-to-end encryption, they technically do not own any necessary keys for decrypting a user’s email content and attachments.