ProtonMail wants to make strong, end-to-end encryption completely invisible to the user. However, in constructing such a slick user experience, a lot of disadvantages are created:
ProtonMail claims a number of security and user-experience advantages: end-to-end encryption; the possibility of anonymous accounts; open source (for their client–the app you run–but it’s not clear if their server software is all open-source); two-factor authentication; physical and legal protection of their servers (located at CERN, guarded by Swiss privacy laws, for whatever that’s worth); simple to use encryption (PM manages encryption keys for you); fancy webmail and custom mobile app; no-cost (freemium).
Get in touch if you want a hand getting set up. So as an activist who could be targeted for political reasons, you’d have good reason to feel unprotected.
For verifiable, resilient, solidaristic email security, we recommend GPG/OpenPGP (Mozilla Thunderbird+Enigmail plugin) combined with a trusted movement email provider like - and if you can, support all of these efforts with money or time. The ProtonMail developers say ProtonMail is only trying to help businesses or “Private Citizens with Privacy Concerns” avoid totally untargeted, mass surveillance (in other words, they say they only keep you safer than all those other people who may be prey for the info-hungry bear eagle State). Not good, if that system turns out to be not-all-that-secure after all. This risks herding diverse movements into a single system for secure comms. It’s a (mostly-)closed system: easy to send private messages inside, but complex or impossible to exchange encrypted emails with people not using ProtonMail. There’s no clear way to confirm that you are encrypting messages (only) to the right person. But it’s not the right choice for your org’s long-term communications security.
Before we get into any technical discussion, the straight-up dealbreakers for activists with ProtonMail are: It might be OK for a quick fix when you need something more trustworthy than Gmail or Facebook Messenger. That said, please, please stop telling other activists to use it.
We’re not saying it’s downright dangerous or totally insecure, or that we have a specific reason to distrust the developers. Can this be good enough for activists? Here, we take a look at easy-to-use ProtonMail–and why we at the CLDC can’t recommend it (or its security model) for people opposing the powerful.
First off, if you currently rely on ProtonMail for your organizing, please don’t feel you need to quit using it straight away. This security model is offered by many Snowden-era startups claiming to provide digital security to the masses. In case of bear attack, you can feel secure knowing you can outrun your (former) friend. “You don’t have to outrun the bear” is a security model where you stay safe from predators on camping trips by taking your chain-smoking, out-of-shape buddy along.