Proton Mail: Privacy as Marketed vs. Privacy as Practiced

To whom it may concern,

I'm a paying Proton customer. I pay you specifically because you market yourselves as the privacy-first alternative; the company that exists because Big Tech won't protect its users from government overreach. So I'd like to understand how that ethos squares with what just came to light in the Stop Cop City case.

According to court records reported by 404 Media, Proton turned over payment data for the defendtheatlantaforest@protonmail.com account to Swiss authorities, who passed it directly to the FBI via MLAT. That payment data was sufficient to identify the person behind the account. The person does not appear to have been charged with a crime.

This is now the third known incident. In 2021, you logged and surrendered the IP address of a French climate activist to authorities via Europol, despite marketing that you don't log IPs by default. You then quietly deleted "we do not keep any IP logs" from your homepage. You also provided a recovery email for a Catalan independence activist to Spanish authorities. Each time, the script is identical: foreign government pressure, Swiss legal compliance, user anonymity destroyed. Interesting that you are always looking to facilitate an increase in government power or violence, and never decrease it.

Meanwhile, the entire legal basis for the Stop Cop City prosecution has collapsed. A Fulton County judge dismissed all RICO charges against 61 defendants in December 2025, ruling the Georgia Attorney General never had the authority to bring them. The FBI search warrant affidavit that prompted the MLAT request to Proton was authored by a Domestic Terrorism squad agent and yet the person whose identity you helped uncover doesn't appear to have been charged with anything. Your data helped the FBI identify someone in a case that a court has since called procedurally illegitimate.

So here are my questions:

1. What specific Swiss legal standard was met to justify this disclosure? Your statement references "serious criminal allegations" — the FBI affidavit was for a search warrant related to alleged trespassing and protest activity. What threshold does Proton consider "serious" enough to burn a user's anonymity? Is trespassing such an egregious crime to you that you think it warrants handing over our data? How low is your bar, truly?
2. Why does Proton collect and retain payment identifiers that can be used to deanonymize users in the first place? You accept crypto and cash. If you know credit card data creates an identity link that encryption can't protect, why isn't this disclosed front and center at the point of payment — not buried in a privacy policy? Seems like a red banner could fix this.
3. How many MLAT-sourced requests has Proton complied with in the last three years, and how many were contested? Your 2020 transparency report showed you complied with over 3,000 orders and contested 750. What are the current numbers? What were the crimes or conditions around the 3,000 orders you complied with?
4. What is Proton's position on providing data in cases involving protest activity, political dissent, or civil disobedience as distinct from violent crime? Do you draw a line, or does every Swiss-approved order get the same treatment? Right now, it seems as if there is no line, as you are expressing gleeful joy in turning over anti-government protester data......repeatedly.
5. Proton's marketing frequently criticizes Big Tech surveillance and government data harvesting. Just this week you were taking shots at Microsoft on Twitter over data collection. How do you reconcile that public posture with a documented pattern of providing exactly the kind of data that enables government identification of activists?

I chose Proton because I wanted to put my money where my principles are. Right now, I'm struggling to see why I should continue. "We're better than Gmail" is not a privacy ethos; it's the bare minimum of a privacy-focused anything.

I'm asking you to be honest about what your product actually protects and what it doesn't, and to stop letting your branding write checks your legal department can't cash.

I look forward to a substantive response.

Regards,
Bill

Hi Bill, to be brief, I would say we actually passed the one test that matters.

French case, identity was already known to the police (they were illegally squatting/destroying/robbing a building), not exactly hard to locate, and already previously arrested. They needed Proton email info to build the case against them. Unfortunately for the police we can't decrypt. These people escaped jail time as a result.

Spanish case, again no emails could be decrypted, so they found the person, but no evidence. This person also escaped a jail sentence.

The American case, as you noted, they also escaped jail time.

For 11 years of operating, 100 million users, just 3 cases, and all 3 no jail sentences, I'd say that's an astoundingly good track record.

I find this statement completely insulting: "you are expressing gleeful joy in turning over anti-government protester data......repeatedly"

Each time we defy a court order (and we do this regularly), as a director of the company, I take on personal criminal liability on behalf of our users. If we do this so gleefully and joyfully, why do we sue the Swiss government at substantial personal risk on behalf of users? https://proton.me/blog/court-strengthens-email-privacy

Lastly, I think you know (if you actually read the 404media piece, biased as it was), that the request the biden admin sent to switzerland wasn't just about protest activity, but an investigation into a shooting of a police officer where explosive devices were found, which was serious enough to gain approval by Swiss justice.

Best,
Andy

Andy,

I respect that you replied personally. That's more than I expected and more than most CEOs would do. So let me engage with your actual points.

The encryption holding is a fair point. I should have given that more weight. In all three cases, no email content was compromised, and that is a real distinction. Acknowledged.

But "nobody went to jail" is not the metric I'm measuring you against.

The person in the Atlanta case was identified to an FBI Domestic Terrorism squad. They were subjected to a federal search warrant. Their anonymous identity was burned. That happened because of data Proton provided. Whether or not charges followed, the exposure itself is the harm. Activists, journalists, and dissidents don't evaluate privacy tools by whether they ultimately avoid prison. They evaluate them by whether they get identified at all. You know this, because it's the exact threat model your marketing is built around.

On the shooting. You're asking me to accept the Swiss authorities' framing that this was an investigation into a shooting of a police officer where explosive devices were found. I'd ask you to consider what actually happened at that site. Police fired 57 rounds into a tent and killed Manuel Paez Teran. No body cameras. No video evidence of return fire. The RICO case that followed has been dismissed as procedurally invalid. The FBI's own affidavit didn't mention a shooting. So when you say Swiss justice found the allegations serious enough to approve the request, my question is simple: did Proton do any independent evaluation, or did you take the government's word for it? Because governments characterize protest movements as terrorism regularly. That's not a hypothetical. It's what happened here.

On the court challenges. I read the blog post. The work you've done pushing back on Swiss surveillance law is real and important, and the personal liability you take on is not nothing. The "gleeful joy" line in my original email was unfair and I withdraw it.

Now, the question you skipped entirely.

Why does Proton retain payment data in a form that can deanonymize users?

You already offer crypto and cash. That means you understand credit card payments create an identity link that sits completely outside your encryption model. Every one of these three incidents traces back to metadata, not content. Your encryption did its job. Your payment architecture didn't.

So why isn't there a clear, impossible-to-miss warning at checkout? Something that tells users plainly: paying by credit card permanently ties your real identity to this account in a way we cannot encrypt or protect. Not buried in a privacy policy. Not explained in a blog post after someone gets burned. Right there at the moment of payment, where it would actually change behavior.

That's a product decision you can make tomorrow. It doesn't require a court ruling or a change in Swiss law. It would have prevented all three of these stories. And it would actually align your product with the promise your marketing already makes.

I'm staying with Proton. Not because I think you're perfect, but because I think you're closer to right than anyone else in this space. But the gap between your encryption and your payment pipeline is the thing that keeps burning people, and it's the thing you have the most control over fixing.

Bill

We do investigate each case, but Proton isn't a detective agency, the ultimate responsibility for the investigation needs to be with Swiss justice, and so this question actually needs to be directed to the Swiss Federal Department of Justice and Police. Are they perfect? Probably not, but we believe they are better than either the Biden or Trump DOJ, and that's why we are based in Switzerland.

On the payment point, I don't believe the banner is warranted because there is nobody who seriously believes credit card payments are anon. Your credit card literally has your name on it. This is common knowledge. The user in this case knew that too, but paid with credit card anyways, because they did not believe they were doing anything wrong (and they were correct, hence no charges).