they handed over payment info with the real name
Bad opsec. Of course Proton will comply with court orders. It’s your responsibility to not leave data they can hand over.
they shouldn’t pretend to protect your privacy if they can’t
one time they did this and only then after changed their website where it said they wouldn’t log your info
https://technologymagazine.com/cloud-and-cybersecurity/protonmail-under-fire-over-data-handover
Indeed
But shouldnt it be encrypted on their servers?
Payment data? Never.
Technically stored encrypted, but they also have the keys
I’m still relatively new to Proton, but I thought I read early on that they would still have to comply with legal requests. I believed that their system was mostly in the realm of two secure accounts being able to hide the messages themselves. I use a card, so I am tied to my account. Does using whatever coin they take (if any) help with this? I remember reading they wanted to open more doors to alternate payment methods. I think it was to help privacy but also in large part so that they could still collect money if they ever get slapped down by other processors for making someone big mad for their privacy setup.
EDIT: I thought I had replied to something like this before. Found it. https://a.lemmy.world/lemmy.world/post/15148279 It seems to me that some just overestimate what the service is.
I can’t read the article because it’s behind a paywall, so I’ll ask here: What information was handed over specifically? The IP address of when the account was created? The payment details? Unencrypted data? Login information? Device data? Something else?
they handed over payment info with the real name
protonmail without PGP only has encryption for other protonmail users
