This page is a draft. It may be missing essential content covering basic aspects of the topic. Do not rely upon it without input from more complete resources.
If you're familiar with this topic, please consider contributing.
ProtonMail is an email provider owned by the company Proton. Advertised itself as a privacy-respecting email provider, it is found to have several severe privacy problems.
- The website’s images is partly powered by Prismic, which is a third party that admitted to log your IP address .
- They falsely claim that “It is not necessary to provide personal information in order to create an Account”, but hCaptcha is required to create an account, in which they log your “IP addresses, browser type, Internet service provider, platform type, device type, operating system, date and time stamp of access, and other similar information.” . Email can be used as an alternative for registration, but as temporary emails are blocked, it is a personal information.
- The way their OpenPGP encryption works is by generating the keys when you created your account, and using your existing OpenPGP keys is not allowed. This type of encryption is proved to have serious shortcomings.
- They have access to your “sender and recipient email addresses, the IP address incoming messages originated from, message subject, and message sent and received times. ”, which is more than other privacy-focused email providers.
- As per their transparency report, they compiled 4920 requests just in 2021, and it shows an increasing trend. They have also helped the EU to arrest French activist and protester by logging their IP addresses.
- ProtonMail is suspected to be a honeypot of the United States and their staffs do not even use ProtonMail.
- ProtonMail is proved to have several false claims .
- They do have an onion domain for users who are concerned with privacy .