this post was submitted on 23 Jul 2025
62 points (93.1% liked)
Privacy
40177 readers
467 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Depends on your threat model. What are you defending against?
I am defending against anyone that uses my data for non-essential purposes. Well, not all non-essential purposes; i mean ads, personalization, AI, selling it for profit, etc.
Then Proton should be fine. As far as I know, they don’t sell user data.
Of course as soon as you send an email or receive it from someone else, there’s a chance it will be mined, but while it’s ”at rest” on Proton servers it should fulfill your model just fine.
excuse me ignorance, but I understand that once you receive mail from someone with shared pgp keys, they'd have no way to read the contents.
But when I receive an email from any service that sends me mail, or from a friend that doesn't use PGP, it sits encrypted in my account... but how do we know proton isn't 'reading' the contents when it is delivered and before it is encrypted in the account?
Is there a possibility of data mining or them storing the contents on their end? like a mirror image?
If and when you send or receive e-mail encrypted by PGP, the body (contents) of the message is indeed encrypted and you're safe from snooping and data collection, which is great. However, privacy-wise this might actually be a bad thing, because almost no one uses PGP and using it makes you stand out in a sea of normal e-mail users for someone who collects and analyzes lot of data. So if that's your threat model, using PGP might actually be dangerous. Also, you have to remember and remind everyone to use PGP, which is cumbersome if you correspond with non-techie people. You don't really know how they handle "their side" and PGP software is notoriously not very user friendly.
Whenever you send someone unencrypted e-mail from your Proton account, there's a chance that the recipients e-mail provider (most likely Google or Microsoft) reads it. Same when they send it to you. It doesn't actually matter that the message sits encrypted "at rest" in your Proton accounts Sent Items -, the contents have already been read, indexed and sold to a broker.
It's very hard to do e-mail privacy because the protocol itself doesn't have any built-in. It's better to use other communication methods for sensitive transactions.
Good explanation, and I figured the same.
I feel the 'encrypted at rest' is then a false sense of security. Alas it is much better than gmail, etc.
To my knowledge Proton doesn’t sell your data and there were no leaks in the past. It is also true for a lot of its competitors though.
Note: I use Proton for some things.
But, here's the twist: there's a controversy because of the recent AI and the CEO being Pro-trump.
Having an AI isn't problematic at all; Forcing it into places where people don't want it is.
And the CEO being pro Rump is a stretch. He approved of one Rump policy. Hell I hate the man and believe him a cancer to the world, but even I can point to a couple things I like he did.
Let me take your encrypted data and put it through my service where I can see all of it...
That's not how LLMs work.
Well then please do educate the class on how it works
They do text prediction based on the training data. If the training data is all encrypted gibberish, it'll only output gibberish.
I assumed you would need to let LLM to access your data for it to be any market advantage v generic llm.
If this is just a generic llm that doesn't have access to your data them my point above is not an issue.
I don’t think that controversy about Trump is concerning in any way. The AI could be interesting instead.