
ProtonMail Amends Its Policy After Giving Up an Activist’s Data


Nomen Nescio

Sep 11, 2021, 12:24:31 PM
Wired.com

https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/

This weekend, news broke that the anonymous email service ProtonMail
turned over a French climate activist’s IP address and browser
fingerprint to Swiss authorities. The move seemed to contradict the
company's own privacy-focused policies, which as recently as last week
stated, "By default, we do not keep any IP logs which can be linked to
your anonymous email account."

After providing the activist's metadata to Swiss authorities,
ProtonMail removed the section that had promised no IP logs, replacing
it with one saying, "ProtonMail is an email that respects privacy and
puts people (not advertisers) first."

No Logging ‘By Default’

As usual, the devil is in the details—ProtonMail's original policy
simply said that the service does not keep IP logs "by default."
However, as a Swiss company, ProtonMail was obliged to comply with a
Swiss court's demand that it begin logging IP address and browser
fingerprint information for a particular ProtonMail account.

That account was operated by the Parisian chapter of Youth for
Climate, which Wikipedia describes as a Greta Thunberg-inspired
movement focused on school students who skip Friday classes to attend
protests.

According to multiple statements ProtonMail issued on Monday, it was
unable to appeal the Swiss demand for IP logging on that account. The
service could not appeal both because a Swiss law had actually been
broken and because "legal tools for serious crimes" were used—tools
that ProtonMail believes were not appropriate to the case at hand, but
which it was legally required to comply with.

Break Out Your Tor Browser

In addition to removing the misleading if technically correct
reference to "default" logging policy, ProtonMail pledged to encourage
activists to use the Tor network. The new "Your Data, Your Rules"
section on ProtonMail's front page directly links to a landing page
aggregating information about using Tor to access ProtonMail.

Using Tor to access ProtonMail may accomplish what ProtonMail itself
legally cannot: the obfuscation of its users' IP addresses. Since the
Tor network hides a user's network origin prior to packets ever
reaching ProtonMail, even a valid subpoena can't get that information
out of ProtonMail—because it never receives it in the first place.

It's worth noting that the anonymity offered by Tor relies on
technical means, not policies—which could be a double-edged sword. If
a government agency can compromise Tor nodes that traffic passes
through so as to track its origins, there is no policy preventing the
government from doing so—or from using that data for law enforcement
purposes.

ProtonMail also operates a VPN service called ProtonVPN, and it points
out that Swiss law prohibits the country's courts from compelling a
VPN service to log IP addresses. In theory, if Youth for Climate had
used ProtonVPN to access ProtonMail, the Swiss court could not have
compelled the service to expose its "real" IP address. However, the
company seems to be leaning more heavily toward recommending Tor for
this particular purpose.

There’s Only So Much an Email Service Can Encrypt

ProtonMail is also careful to point out that, although its user's IP
address and browser fingerprint were collected by Swiss authorities
acting on behalf of Interpol, the company's guarantees of email
content privacy were not breached.

The service uses end-to-end encryption and deliberately does not
possess the key necessary to decrypt a user's email body or
attachments. Unlike the source IP address and browser fingerprint,
collecting that data is not possible simply by changing a
configuration on the company's own servers as demanded by a court
order.

Although ProtonMail can and does encrypt the email body itself with
keys unavailable to the servers processing them, the SMTP protocol
requires the email sender, email recipient, and message timestamps to
be server-accessible. Accessing the service via Tor or a VPN may help
obscure IP addresses and browser fingerprints, but the service can
still be legally compelled to provide any of those fields to Swiss law
enforcement.

In addition, email subject lines could also be encrypted without
breaking the SMTP protocol—but in practice, ProtonMail's service does
not, which means the relevant courts may compel the service to provide
that data also.

This story originally appeared on Ars Technica.

~~



D

Sep 11, 2021, 1:14:58 PM
On Sat, 11 Sep 2021 18:24:29 +0200 (CEST), Nomen Nescio <nob...@dizum.com> wrote:
>This story originally appeared on

Saturday 20 April 1889 6:30 PM LMT 13E02:08 48N15:23
Gasthof zum Pommer Vorstadt Nr. 219 (c.f. Salzburger
Vorstadt 15), Braunau am Inn 5280, Osterreich.

Anonymous Remailer (austria)

Sep 11, 2021, 5:23:22 PM

In article <3ffa501d65d690a0...@dizum.com>
I don't believe protonmail for a second.
