[dadie]

Thank you for the link. This sadly makes me consider switch to another email provider. I think it is great that they listen to their customers, it really is, but it makes me think that what I value in an email provider seems to be different from what the average (or at least questioned) customer values.

The words privacy and ai are in my mind almost irreconcilable. I wish them all the luck in the world and hope their other customers stay happy, but it seems they will have to lose me. Which is fine. I think they do what is best for proton, it is just that proton might be no longer what is best for me.

I just keep wondering if companies know that while lacking a certain feature may cost them customers, having it may do so as well.

[sandworm101]

>> The words privacy and ai are in my mind almost irreconcilable.

You can run many AI system on user machines. Some versions of stable diffusion can run on laptops. They can be run privately, even on air-gapped machines if necessary.

[egberts1]

But not Proton and Scribe's AI: it trains locally and send the combined gradient update to a central server,

[WithinReason]

No it doesn't

[egberts1]

Wireshark it yourself.

[protonmail]

No, this is not correct. Proton Scribe cannot read user emails, and relies on the open-source Mistral model.

[skeaker]

This would appear to be a lie.

[WithinReason]

> The words privacy and ai are in my mind almost irreconcilable.

Can you explain why?

[dadie]

Under privacy I understand that I have to the limits of my ability control over with whom I share information. But the same is true for anyone sharing information with me. If I have to input any data from someone else to a program without their implicit or explicit permission it breaks, at least in my opinion, their privacy. The same is true if I for example forward an email addressed only to me to another person. I think I can not expect others to at least try to not break my privacy if I break theirs. Though I can not control other people and would never desire to do so. And I may break unknowingly their privacy as they may do with mine. We all make mistakes and modern software has become horrendous in telling the user what it does.

I know that email providers are scanning the received and send emails. But that is something both party involved know (or at least should know) beforehand. This is what I mean with implicit permission. People sending me an email can and must expect that my email provider will scan their emails to a certain degree. They can und must expect, that I will store their email on a local device for an indefinite period. But they can also expect that I will not post their emails somewhere on the web or forward it to someone else. If they desire otherwise they may state their desire and if I agree with them I will try to accommodate for that to the best of my ability.

For most cases I know about in which ai is used there is neither an implicit nor an explicit permission involved and just the assumption that the other side is ok with their data being shared with a 3rd party as long as it is with a machine which may or may not promises to run locally. Having this permission is an assumption I will not make and which I think is wrong.

Hence why in my mind privacy and ai is irreconcilable. Because the only way I can see to have them both is with an incredible unpractical overhead of managing all this implicit and explicit permissions.

Hopes this answers your question. Though I'm not trying to convince you or anyone else.

[WithinReason]

Thank you for replying, but I don't quite understand what you wrote in the context of a writing assistant where there is no sharing in any form with anyone.

[LetsGetTechnicl]

Generative LLM's like this often reveal confidential info that they were trained on, and anything provided to them in order to generate other output can be used as future training data which can then be re-iterated to others

[WithinReason]

The latter can't be true since the input never leaves your computer, it's private information. The comments you're writing right now on the other hand are public information and can and will be used to train an LLM.

[egberts1]

If i could upvote this a thousand times, at least, that post belongs at the top.

[elashri]

After the submission it was actually on the front page. But then quickly got flagged then unflagged (I didn't reach out to dang).

[egberts1]

And it is.

[sundry_gecko]

What email provider would you switch to?

I am considering the same thing.

[elashri]

I would suggest Fastmail. They are excellent in what they provide. Just email and calendar. So if you are using proton other features (pass, drive..etc) then it wouldn't be 1:1 replacment.

[andrewinardeer]

My concern with them is that they don't store email encrypted at rest and being an Australian company their laws allow the government to put back doors in and are not obliged to tell their clients.

The government law is out of their control but not having your emails at rest unencrypted.

[LetsGetTechnicl]

What's your source on them not encrypting emails at rest? They claim they do: https://www.fastmail.com/features/security/

[andrewinardeer]

I am terribly sorry. I got this wrong.

It is end to end encryption they don't support as this article explains. Yes, it is two very different things however just as important.

[attendant3446]

In the past few years I've tried Proton, Mailbox.org and now I'm with Posteo.de. Unfortunately they don't support custom domains, but I use SimpleLogin to solve this problem. Overall I'm pretty happy with this setup.