A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
Create a new account in Tor Browser. Pay with monero.
Never link your old account to your new account. Never write your name. Never email anyone off proton mail, unless you setup PGP first. Never login to your new account in a browser other than Tor Browser.
Proton is the best option, but tech can’t fix stupid.
I’m not saying Proton was right or wrong to hand over data, who knows how much if a fight they really out up, but it seems more like an OpSec thing, where they found the account because they used that email to create a user account somewhere that they then posted about being a part of this group rhe FBI was going after.
I’d say your best bet to avoid this would be to create a free account that doesn’t have any payment info and doesn’t use your premium account as a recovery method of any kind if you’re going to use it as the email associated with a social media account. Or like someone else mentioned, if there’s an anonymous payment method, always use that.
Again, not a great look for Proton, but doesn’t really go against any of their claims as far as data encryption is concerned. Not sure if they could encrypt that payment info.
Your technical and legal understanding seems limited. I personally work in the IT space and am a hobbyist in legal matters, in particular data protection.
I’m pretty sure there was nothing they could’ve legally done to protect the payment information.
It’s not a “bad look” for Proton; instead, it’s just people being confronted with reality.
If you commit a crime, law enforcement will be after you, and if your operational security sucks, there will be no service that can counter that.
If you’re worried Proton could identify you to authorities, either just make a new Proton account and pay anonymously (cryptocurrency or cash by mail), since that’s the only way this person was identified, or you could use what I’d consider to be the next-best, which is Tuta.
Nowhere near as slick a UI, less overall offerings (only email and calendar), but it costs less and generally provides similar security and privacy to Proton. Though again, you’d have to pay via private means, otherwise you’re gonna get identified by the same mechanism this person was if the government really decided to come after you by your account.
the same thing can happen on Tuta unless you pay with an anonymous method. these are privacy focused email providers, they are not anonymous email providers. they keep as little data on you as they need, but if you’re paying with a credit card then obviously you have your real name tied to the account.
I’ve been a paid protonmail user for years. What should I use instead?
Create a new account in Tor Browser. Pay with monero.
Never link your old account to your new account. Never write your name. Never email anyone off proton mail, unless you setup PGP first. Never login to your new account in a browser other than Tor Browser.
Proton is the best option, but tech can’t fix stupid.
If you don’t give information to Proton AG which they can be legally forced to hand over, you’re alright.
I’m not saying Proton was right or wrong to hand over data, who knows how much if a fight they really out up, but it seems more like an OpSec thing, where they found the account because they used that email to create a user account somewhere that they then posted about being a part of this group rhe FBI was going after.
I’d say your best bet to avoid this would be to create a free account that doesn’t have any payment info and doesn’t use your premium account as a recovery method of any kind if you’re going to use it as the email associated with a social media account. Or like someone else mentioned, if there’s an anonymous payment method, always use that.
Again, not a great look for Proton, but doesn’t really go against any of their claims as far as data encryption is concerned. Not sure if they could encrypt that payment info.
Your technical and legal understanding seems limited. I personally work in the IT space and am a hobbyist in legal matters, in particular data protection.
I’m pretty sure there was nothing they could’ve legally done to protect the payment information.
It’s not a “bad look” for Proton; instead, it’s just people being confronted with reality.
If you commit a crime, law enforcement will be after you, and if your operational security sucks, there will be no service that can counter that.
If you’re worried Proton could identify you to authorities, either just make a new Proton account and pay anonymously (cryptocurrency or cash by mail), since that’s the only way this person was identified, or you could use what I’d consider to be the next-best, which is Tuta.
Nowhere near as slick a UI, less overall offerings (only email and calendar), but it costs less and generally provides similar security and privacy to Proton. Though again, you’d have to pay via private means, otherwise you’re gonna get identified by the same mechanism this person was if the government really decided to come after you by your account.
this person said it once, but I’ll say it again.
the same thing can happen on Tuta unless you pay with an anonymous method. these are privacy focused email providers, they are not anonymous email providers. they keep as little data on you as they need, but if you’re paying with a credit card then obviously you have your real name tied to the account.
Posteo has an anonymized payment system, so you could pay with credit card and your payment information won’t be linked to your account.