Ever since the broadly-trusted, Switzerland-based encrypted email service ProtonMail acknowledged that it helped identify a young French climate activist, organizers have been pondering whether they should continue using ProtonMail accounts.
For the sake of solidarity, the strength of our movements, and the safety of our people, activists must never cooperate with law enforcement, and they need to be able to rely on their communication channels to protect them from invasive government overreach. Many activists likely had an understandably strong visceral reaction to the news that Proton had apparently acted as an informant in this case.
Proton appears to have only reluctantly handed over a user’s information (having been compelled by Swiss police, under threat of presumably serious legal penalties, with no venue for challenging this order). Nevertheless, the targeting of a climate activist by authorities is so reprehensible that we’re not writing here to defend this company’s actions. However, activists would be mistaken (now and in the past and future) to expect any company or its executives to go to prison or shut down their service rather than cooperate to some extent with law enforcement.
Should ProtonMail have heroically shut down their service (as Riseup promises to do) in the face of demands for client info? The answer unfortunately isn’t a simple yes. If all services that support activists shut down in response to legal requests, we would have a catastrophic loss of infrastructure that would drive many to worse providers, thus posing much more danger to our movements as a whole.
ProtonMail is still, in many cases, a good option for activists’ encrypted email, as it provides strong message encryption that’s quick and easy to set up and use correctly, requiring no special technical skills. However, we need to be clear about what it’s good for (encrypting the contents of email messages between ProtonMail users) and what it requires extra measures to achieve (anonymity for its users and encrypting emails to non-ProtonMail users):
- Hiding your identity by using the platform ProtonMail anonymously. You can totally do this! There are two ways:
  - ProtonMail provides strong support for Tor (by far the best option for anonymity on the Internet) through their onion website: https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/ which can only be accessed with the Tor Browser. For robust anonymity, you need to use Tor Browser when you create your account and each and every time you sign in to check your email. Please note that creating an account using Tor will require a confirmation step. To ensure anonymity, you’ll need to use a burner phone number or existing (anonymous) email address and request an invite (choose Manual in the screen below).
  - Using a VPN is another way to hide your identity from Proton. However, this requires you to trust the VPN provider with your identity and so is a weaker form of anonymity. Mozilla VPN and Mullvad (which provides the former’s server infrastructure) are good VPN choices. To hide your identity from Proton you need to ensure you are connected to your VPN when creating your ProtonMail account and every time you access ProtonMail. You can read more about achieving anonymity online here.
- Exchanging encrypted emails with non-ProtonMail users. This requires manually exchanging encryption keys. Proton makes this relatively easy, but it is an extra step for both you and the person you are emailing.
While we were disappointed to hear about ProtonMail’s role in the arrest of a climate activist, we appreciate that ProtonMail makes it relatively easy to access their service anonymously through the Tor Browser. An IRL comparison would be that, if I really loved going to a speakeasy that scanned IDs at the door but had a secret entrance that didn’t, I would much rather they just say “Hey there, please use our secret entrance,” than make the commitment that “If The Man ever forces us to hand over guests’ IDs we’ll just close forever.”
So, we recommend ProtonMail for encrypted email because we live in a world where many still organize on Google Drive (or…gasp…Facebook!). To support folks’ organizing work, we always recommend the safest workable option, but also highlight 99%-as-good but easier-to-use options because we need to also support activists without the time, knowledge, or capacity to fully commit to the strongest digital security practices. ProtonMail is still good harm reduction.