[tabiv]

I think this is a good change for Proton. I hope it leads them to change some of their misleading privacy marketing.

[crmd]

Can you elaborate? I’m a proton user who chose them based on their privacy claims.

[leosanchez]

I think he talking about e-mails to and from proton mail and other email providers are not really encrypted. Only mails between proton mail are encrypted.

That would be my guess.

[chuckadams]

Individual emails are only encrypted if the sender encrypts them, yes, and it's only enabled by default between protonmail users. However, the mailbox as a whole is encrypted at rest with some one-way method that doesn't allow proton to decrypt it: https://proton.me/blog/zero-access-encryption

[aquatica]

> However, the mailbox as a whole is encrypted at rest

The server still receives from other servers and from the client (if the email is not going to a proton account) the plain text, so nothing prevents them from making a copy.

[chuckadams]

email is not Signal, and Proton cannot magically turn on encryption for every sender in the world.

[riku_iki]

how other providers (gmail) work in this case?..

[zolbrek]

In one instance they gave up the IP address of an email user to law enforcement (with a warrant I believe).

[haakon]

More on that here: https://proton.me/blog/climate-activist-arrest

They swiftly went on to win a court ruling that would prevent this specific situation from repeating. https://proton.me/blog/court-strengthens-email-privacy

[obelus]

They only have to comply with Swiss courts, but they're pretty up front about what they can and can't do, including suggesting Tor for anonymity, and the difference between Mail and VPN in Switzerland (VPN is no logs).