@maique ProtonMail always sounded like a bad guy from a Mega Man game to me š
What they do ?
@maique If they collect, theyāll always share. Rest are excused. Shouldāve used a VPN to even access Protonmail to be doubly safe.
@pratik Iām not hugely upset w/ProtonMail (Iām a paying customer). But they really have oversold the benefits a la Tesla and self-driving cars. Also, to me, privacy is not the same as secrecy. Keeping what youāre doing secret is a whole level beyond using something like ProtonMail.
@Cheri @ronguest Glad to know, Iāve been spending the last couple weeks looking at shifting my work email there in part because they are HIPAA compliant. My email options in that regarded are painfully slim, and they seem to be among the better ones for my needs. Their support has been pretty responsive, too. This current situation gave me pause, but I canāt see the other options out there doing differently.
@ronguest Yup. Theyāve always admitted to collecting your IP addresses and will share if legally asked for. Of course, there was that whole mess of France going to Europol who then went to the Swiss who made it seem as if it was breaking Swiss law. That didnāt pass the sniff test but not much Protonmail couldāve done about it.
@maique @pratik As I understand it, IP logs are either never kept or only kept temporarily unless the user is abusing the service or Protonmail is compelled by Swiss law (as in the recent French case). I donāt think their original language was deceptive, but it could certainly be misconstrued (obviously, considering the reaction to this recent story). Iām giving them the benefit of the doubt here.
@jack @pratik anyone who takes security seriously will at the very least have something that process logs and turn that into metrics they can use to detect misuse, security problems, compromised systems/accounts etc
When I see anyone say they donāt store logs, I always assume it means that they donāt store it long term. Nothing suspect about it.