Privacy-focused email provider Proton Mail provided Swiss authorities with payment data that the FBI then used to determine who was allegedly behind an anonymous account affiliated with the Stop Cop City movement in Atlanta, according to a court record reviewed by 404 Media.
The records provide insight into the sort of data that Proton Mail, which prides itself both on its end-to-end encryption and that it is only governed by Swiss privacy law, can and does provide to third parties. In this case, the Proton Mail account was affiliated with the Defend the Atlanta Forest (DTAF) group and Stop Cop City movement in Atlanta, which authorities were investigating for their connection to arson, vandalism and doxing. Broadly, members were protesting the building of a large police training center next to the Intrenchment Creek Park in Atlanta, and actions also included camping in the forest and lawsuits. Charges against more than 60 people have since been dropped.
Information the FBI received showed a specific person as the payment source for a particular Proton Mail account, the record shows. “On January 25, 2024, subscriber information received from the Swiss Mutual Legal Assistance Treaty Unit, revealed [full name] (SUBJECT) as the payment source for the Proton e-mail address defendtheatlantaforest@protonmail.com,” it reads. 404 Media is not publishing the person’s name because they don’t appear to have been charged with a crime, according to searches of court databases.
[…]
The document says the FBI believes that whoever manages the Proton Mail account likely has administrative access to the blog. The FBI received details about that Proton Mail account from the Swiss authorities via a Mutual Legal Assistance Treaty, or MLAT. An MLAT is when authorities in one country agree to provide information to an agency in another country. These are often used when the company or entity holding the information may only respond to local law enforcement demands for data.Edward Shone, head of communications for Proton AG, the company behind Proton Mail, told 404 Media in an email: “We want to first clarify that Proton did not provide any information to the FBI, the information was obtained from the Swiss justice department via MLAT. Proton only provides the limited information that we have when issued with a legally binding order from Swiss authorities, which can only happen after all Swiss legal checks are passed. This is an important distinction because Proton operates exclusively under Swiss law.” Functionally, though, the material was provided to the FBI.
Because they have to be able to charge the account.
Mullvad doesn’t seem to have this issue, and they don’t have a fraction as many services as Proton does.
Mullvad does have this issue. That is why in their logging policy explaining what they don’t, do, or have to log, they explicitly state:
This person would have been just as easily unmasked had they paid Mullvad and had that account found by the government, as they were when the government found their Proton account.
Something that could have been easily avoided if Proton provided a one-time pay option instead of rent-seeking grift methods.
And no, crypto is not necessarily a good option. I can’t, to my knowledge, buy crypto giftacrds with cash in any country in Latin America at least.
So you buy crypto with cash. Then convert it to Monero then buy the giftcards. Then load giftcard into a digital payment app. The use it.
It’s not necessarily “rent-seeking grift”, it’s often offered as a convenience. Plus, you can do one time payments to stock up credits.
As for your second point, I’d suggest going to an online exchange and trading for crypto.
What?
How is having to pay in continuity, the more if using payment systems subject to KYC, a convenience over having to pay only once?
Because if your account requires continuous payments, most consumers would like to not randomly get their service cut if they forgot to stock up. Yes, that’s different in the privacy community, but Proton still caters to people who put little value in privacy.