Sunday, September 8, 2024

ProtonMail's Privacy Policy Explained

Proton is the creator behind popular privacy based services such as Proton Mail, Proton Drive, Proton VPN, and this is their privacy policy explained in simple terms: (please note that this is very long but still way shorter than all their privacy policies)

Important note/disclaimer: This is not legal advice. These are my own understandings, and should not be a substitute for legal advice. All content contained in this post is for general information purposes only and does not consitute any form of professional advice. If you use this information, your doing so at your own risk. These might be very oversimplified and may not include everything. If you see anything that is inaccurate please reply to this post to let me know.

SHORT SUMMARY: Proton (at least according to their privacy policy) isn't a hungry data collecting company. They respect your privacy and encrypt most of the data they store, and they don't collect lot of information without a reason. I love how Proton is focused so much on privacy.

LONGER SUMMARY OF THEIR PRIVACY POLICY:

Proton AG is operating out of Geneva, Switzerland.

Data collected by Proton:

  • When you visit their websites (proton.me, protonvpn.com) you will be "scanned" by a analytics tool that they've made. These are anonymized whenever possible. IP addresses are not retained and stored for such analytics.
  • When you create an account, they store the information you provide. If you provide a recovery email they might spam you with annoying emails but don't worry you can disable it in your account settings. If you use their other services (Proton VPN, Drive, Pass) you could use an external email address which they will store, and they may send emails to that address unless you disable it.
  • If your deemed suspicious by their systems, they may ask you to do a Proton captcha, or an email/SMS verification. Your IP address, email address, and phone number that you provide will be saved temporarly so they can send you an SMS/email and for anti spam purposes. And by temporary they mean until they have legitimate interest, if they choose to save it permanetly it's gonna be an cryptographic hash so they cannot decipher it.
  • Referrals: I'm not gonna talk about them.

Account activity:

Protonmail: They have access to email metadata which are: Sender, and recipient email address, the sender's IP address, the name of any attachments (but not the contents) and the emails's subject line. They do NOT have access to your encrypted emails. However, if you get an email from an unecrypted source (like gmail) protonmail's servers could in theory read your email and only then encrypt it. If you use Easy Switch using Sign In with Google, they get API information and with that information they will do as Google says. Easy switch using username and password: they keep your username and password until you import your emails once it's done they delete it. They make backups and they delete it after 30 days.

Proton Drive: They have your files end to end encrypted and they cannot access it. Filenames, folder names, thumbnail previews are also encrypted. However, they do store the encrypted file's size so they can enforce storage limitations. Metadata can be accessed by proton (to operate services), and those metadata include: Time of folder/file creation or modification, permissions, username of the file creator/uploader (they need this to verify file authenticity with some fancy technology). If you use sharing URLs they can see when was the URL created, and who accessed it the last time and how many times the URL was accessed. They do NOT have access to file contents, file and folder names. But if someone is reporting abuse then they could send the encrypted file along with the link and password to proton. They make backups and they delete it after 30 days.

Proton VPN: I don't think they keep logs/backups. They say that in a case of a Swiss criminal investigation they cannot provide any VPN info but they can provide your IP address if you use protonmail.

Proton Calendar: They encrypt everything, except: Timezone, repetion rules, event creation and update times, event status. They make backups and they delete it after 30 days. Easy switch using Sign In Google: they get API info and they do as google says.

Proton Pass: Everything is encrypted including metadata. If you use email aliases, those email addresses are not encrypted else they wouldn't work.

Proton Wallet: I never used it so I'm not explaining it.

  • IP logging: they do not keep permanent IP logs associated with your account, however they will keep it temporarily to combat abuse and fraud. If you do some stupid stuff and get your account suspended (breaching terms and conditions) they will keep your IP permanently. If you enable advanced logs in account security settings, they will keep your IP associated with your account as long as the feature is enabled, if you deactivate it all the IPs get deleted.
  • Talking to Proton support: They use third party apps such as Zendesk and Calendly to process some information. Your support requests, bug repports, feature requests may be saved by proton staff. If you use Proton's live chat support (which I didn't even know existed) you agree to have your chat processed by Zendesk. The information you provide when you contact their support is processed for analytics purposes (such as: obtaining aggregate statistics) and they do not do targeted advertising or profiling using that information.
  • Talking Proton's Sales Team: If your a business, why are you reading a random reddit user's post about privacy policies?
  • Payment info: Proton uses Chargebee to process payments, only necesarry information is shared with them. Chargebee doesn't get access to your email or proton account information. Proton doesn't store your credit card, they only save your name and the last 4 digits of the credit card number. Cash and bitcoin payment and donations are accepted (idk why they have to say it in their privacy policy). They may use your account data for payment related matters.
  • Native applications (like windows and phone apps): They (or the platform providers) may collect certain information. Fabric.io is used to collect mobile analytics such as crash reporting, and other statistics. Google Play Store and Apple App Store may collect information in accordance with their own privacy policies. Proton does not access or track any location based information from your device.
  • Proton Scribe: Never used it, I'm not talking about it.
  • Social Media: If you contact them on social media you do so at your own risk. Those interactions are governed by the platforms respective privacy policies and terms and conditions.
  • Links to other stuff: Their website may contain links to other websites or services and they are not responsible for any of the content and those websites use their own privacy policies and terms and conditions.
  • Network traffic that may go through third parties: I don't understand what it's used for.
  • Data subprocessors: For proton to provide their services they need subprocessors to process different categories of data. Subproccesors do not store general day to day use of your account and services. Read the subproccessors list on your own.
  • Data sharing: They disclose limited user data if they are legally obligated to do so by a "biding request coming from competent Swiss authorities". Proton's general policy is to challange requests whenever possible to ensure there are no doubts of the validity of the request. Proton's not responsible to notify users of legal requests, that falls on the responsibility of Swiss authorities.

THE END.

Proton, if your reading this please accept my volunteer translator application.

Want to understand how Tor works? I've explained it in r/InformationPrivacy.


A new weekly summary of UK Bitcoin meetups for the week ahead.

https://bitcoineventsuk.substack.com/p/beuk-meetup-breakdown-15

Hyperbitcoinization Prediction

What do you guys think about my prediction from now until 2035? Its a long read, but worth it.

Scenario: The Beginning of Hyperbitcoinization

Background Context (2024-2028)

Throughout the mid-2020s, global economic and geopolitical challenges have continued to erode trust in traditional financial systems. Inflation rates in several major economies remained persistently high despite central banks' efforts to control them. At the same time, economic inequalities worsened, and political instability in certain regions led to currency devaluations.

Cryptocurrencies, particularly Bitcoin, gained further acceptance as an alternative to fiat currencies. Large institutions and sovereign wealth funds began to hold Bitcoin as a strategic asset, and more companies adopted it for cross-border payments. Meanwhile, the rapid advancement of blockchain technology improved Bitcoin's scalability, security, and usability, making it increasingly viable for everyday transactions.

Scenario Key Events Leading to Hyperbitcoinization:

1. 2024-2026: Accelerated Adoption Amid Global Financial Turmoil

  • Economic Instability: The global economic environment became increasingly unstable between 2024 and 2026. Major economies, particularly in Europe and Latin America, experienced worsening inflation due to supply chain disruptions, rising commodity prices, and ongoing geopolitical conflicts.
  • Fiat Currency Devaluation: Several countries, including Argentina, Turkey, and certain African nations, experienced hyperinflation. This led to a surge in Bitcoin adoption in these regions as people sought refuge from devaluing local currencies.
  • Institutional Adoption: Major corporations like Tesla, Microsoft, and several global banks began to diversify their reserves by holding Bitcoin as an inflation hedge. Bitcoin ETFs gained popularity, further legitimizing the asset in mainstream finance.

2. 2027-2028: Regulatory Clarity and Legalization

  • Regulatory Support: By 2027, several countries developed clear and supportive regulatory frameworks for Bitcoin, including the U.S., Japan, and several EU nations. These regulations established Bitcoin as a legal and widely accepted asset, allowing companies and individuals to transact with it more freely.
  • Emerging Economies Lead the Charge: Countries with struggling economies began to officially adopt Bitcoin as legal tender. Following El Salvador’s earlier lead, nations like Nigeria and Venezuela made Bitcoin an official currency in their countries, incentivizing people to use it for daily transactions.
  • Financial Technology Revolution: The integration of Bitcoin with traditional financial systems and new blockchain-based payment platforms allowed for instant, low-cost Bitcoin transactions worldwide. New wallet technologies made it easy for even the technologically unskilled to store and use Bitcoin securely.

3. 2029-2030: The Hyperbitcoinization Trigger

  • Global Currency Crisis: In 2029, a major global financial crisis triggered by a combination of sovereign debt defaults, energy shortages, and rising geopolitical tensions led to a massive loss of confidence in several leading fiat currencies, including the euro and the U.S. dollar. The crisis caused widespread economic panic, with many governments unable to stabilize their economies through traditional monetary policy.
  • Flight to Bitcoin: As fiat currencies began to rapidly devalue, Bitcoin emerged as a safe haven. The crisis accelerated Bitcoin adoption on a global scale, with both individuals and corporations converting significant portions of their wealth into Bitcoin. This marked the beginning of hyperbitcoinization, as confidence in traditional currencies eroded rapidly.

4. 2031-2035: Bitcoin as a Global Currency

  • Rapid Adoption: By 2031, Bitcoin usage had expanded exponentially. People in both developed and developing nations increasingly relied on Bitcoin for everyday transactions. Governments that had previously resisted cryptocurrency adoption began to accept Bitcoin as part of their monetary systems.
  • Global Standards: International organizations like the IMF and the World Bank started integrating Bitcoin into global financial protocols. Bitcoin's decentralized nature became an attractive feature in a world where trust in centralized institutions had eroded.
  • Fiat Currency Decline: By 2035, fiat currencies like the dollar, euro, and yen still existed, but their role in global trade and finance had diminished significantly. Most major economies had transitioned to using Bitcoin alongside other digital currencies (e.g., stablecoins and central bank digital currencies) as part of a hybrid monetary system. For many people, especially in economically unstable regions, Bitcoin had become the de facto currency.

Year Hyperbitcoinization Likely Begins: 2029

This year marks the point where global confidence in fiat currencies hits a critical low due to widespread economic and financial instability, pushing Bitcoin to become a primary store of value and medium of exchange. The transition accelerates over the next decade, eventually leading to a world where Bitcoin is the dominant global currency.

2024:

  • Price: $75,000 - $90,000
  • Context: The global economy is still struggling with inflation, geopolitical tensions, and post-pandemic recovery. Bitcoin continues to grow as a store of value, with increasing institutional adoption, but it remains volatile. Regulatory clarity is emerging, leading to a more stable investment environment.

2025:

  • Price: $150,000 - $200,000
  • Context: As inflation persists and central banks continue to print money, confidence in fiat currencies begins to wane. Bitcoin’s adoption accelerates, especially in countries with struggling economies. More large corporations and financial institutions add Bitcoin to their balance sheets as an inflation hedge, driving its price upward.

2026:

  • Price: $250,000 - $300,000
  • Context: Bitcoin adoption increases significantly as several countries face currency crises, causing more people to turn to Bitcoin as an alternative to their devaluing fiat currencies. The continued development of blockchain technology, including the Lightning Network, makes Bitcoin more viable for everyday transactions.

2027:

  • Price: $350,000 - $400,000
  • Context: Several countries adopt Bitcoin as legal tender, following El Salvador’s lead. This creates a wave of adoption across emerging markets, where Bitcoin usage for everyday transactions begins to grow rapidly. Regulatory clarity in major economies like the U.S. and the EU further boosts Bitcoin’s legitimacy.

2028:

  • Price: $450,000 - $550,000
  • Context: Bitcoin’s integration into traditional financial systems continues to improve. More countries begin to adopt Bitcoin for international trade settlements, and Bitcoin-based financial products become more mainstream. Confidence in fiat currencies continues to erode as inflation remains a global concern.

2029:

  • Price: $750,000 - $1,000,000
  • Context: A major global financial crisis triggers widespread panic and loss of confidence in fiat currencies. Sovereign debt defaults, energy shortages, and geopolitical tensions push people and institutions toward Bitcoin as a safe haven asset. This marks the beginning of hyperbitcoinization, as the transition away from fiat currencies accelerates.

2030:

  • Price: $1,500,000 - $2,000,000
  • Context: Bitcoin’s adoption as a global currency skyrockets. Many countries facing economic crises fully transition to Bitcoin as their primary currency, while developed nations begin to allow Bitcoin alongside fiat. Traditional financial institutions increasingly offer Bitcoin-based services, further driving its global use.

2031:

  • Price: $3,000,000 - $5,000,000
  • Context: Hyperbitcoinization gains momentum. Bitcoin becomes a widely accepted medium of exchange in both developed and developing countries. The infrastructure supporting Bitcoin transactions is now highly advanced, allowing for instant and nearly free transactions. Bitcoin’s price skyrockets as more people and institutions shift their wealth into it.

2032:

  • Price: $8,000,000 - $10,000,000
  • Context: By this point, Bitcoin is a dominant global currency. Many fiat currencies are in severe decline, with some countries fully abandoning their national currencies in favor of Bitcoin. Bitcoin's price reflects its role as the world's primary store of value and means of transaction.

2033:

  • Price: $15,000,000 - $20,000,000
  • Context: Bitcoin's value continues to rise as it absorbs the value of declining fiat currencies. The global economy is now primarily based on Bitcoin, with many governments using Bitcoin reserves as part of their monetary policy. The Bitcoin network is handling massive transaction volumes, and the financial world has fully embraced decentralized technology.

2034:

  • Price: $25,000,000 - $30,000,000
  • Context: Bitcoin is now the global standard for value storage and exchange. The majority of global trade is conducted in Bitcoin, and financial systems have been restructured around it. Hyperbitcoinization is fully underway, with most people and businesses operating primarily in Bitcoin.

2035:

  • Price: $50,000,000 - $100,000,000
  • Context: Hyperbitcoinization has reached its peak. Bitcoin is now the dominant global currency, and most fiat currencies have lost their value or are used only in niche situations. The price of Bitcoin reflects the global economy’s shift to a decentralized, Bitcoin-based financial system. Bitcoin’s value stabilizes as it becomes the primary measure of wealth worldwide.