Proton

Swiss court ruling strengthens privacy for email providers

Since the founding of Proton in 2014, we have fought to advance privacy and freedom around the world. We do this not only through technology and advocacy (Proton has contributed over $500,000 toward defending these values around the world) but also through the courtroom. 

As part of these efforts, in May 2020, we launched a legal challenge against the Swiss government over what we believe to be an improper attempt to use telecommunications laws to undermine privacy. In a ruling this week, the Swiss Federal Administrative Court confirmed that email services cannot be considered telecommunications providers, and consequently are not subject to the data retention requirements imposed on telecommunications providers.

This comes on the heels of a Swiss Supreme Court ruling in April 2021 in a case brought by Threema (2C_544/2020) that ruled that instant messaging services are also not telecommunications providers. Together, these two rulings are a victory for privacy in Switzerland as many Swiss companies are now exempted from handing over certain user information in response to Swiss legal orders.

The bigger picture

We have chosen Switzerland as our home because we believe it provides strong legal privacy protections. We will, however, continue to watch developments in Switzerland and other countries and, if necessary, adapt to ensure that our jurisdiction of incorporation offers our community the best possible privacy protection. 

We are also watching several promising developments in the EU. In April 2014, the Court of Justice of the European Union (CJEU) struck down the EU’s data retention directive, stating it disproportionately interfered with the right to privacy and protection of personal data. The judgment was later confirmed by the CJEU in October 2020(new window), striking down several national applications of the directive by Member States (C-623/17, C-511/18, C-512/18, C-520/18).

We are also supporting the challenge led by Swiss digital rights groups(new window) against Swiss data retention laws at the European Court of Human Rights(new window). Given the past legal precedent set by the CJEU in 2014 and its confirmation in 2020, there are strong indications that the ECHR will definitively strike down Switzerland’s metadata retention obligations on telecommunications providers.

While we continue to push the legal and policy frameworks in our community’s interest, ultimately, the best protection we can provide users is through the laws of mathematics, which are unyielding and unchanging. Today, the privacy by default provided by Proton’s products is derived primarily from our usage of zero-access encryption and end-to-end encryption. Going forward, we will continue to double down on encryption and are committed to increasing and strengthening our use of encryption to provide users with the best possible privacy protection.

The fight continues

While this is an important legal victory for Proton and Swiss privacy, our work does not end here. We will also continue to closely watch developments in both Switzerland and other countries, and adapt as necessary to ensure that our legal jurisdiction offers the best possible privacy protection to users. We expect there to be further attempts to force tech companies to undermine privacy in both Switzerland and abroad, and we are committed to continuing to challenge this through both our encryption technology and through the judicial system.

Your support makes this work possible, and for that we’re forever grateful.

Protect your privacy with Proton
Create a free account

Related articles

People and companies are generally subject to the laws of the country and city where they are located, and those laws can change when they move to a new place. However, the situation becomes more complicated when considering data, which can be subjec
Your online data is no longer just used for ads but also for training AI. Google uses publicly available information to train its AI models, raising concerns over whether AI is even compatible with data protection laws. People are worried companies
iPhone stores passwords in iCloud Keychain, Apple’s built-in password manager. It’s convenient but has some drawbacks. A major issue is that it doesn’t work well with other platforms, making it hard for Apple users to use their passwords and passkeys
There are many reasons you may need to share passwords, bank details, and other highly sensitive information. But we noticed that many people do this via messaging apps or other methods that put your data at risk. In response to the needs of our com
Large language models (LLMs) trained on public datasets can serve a wide range of purposes, from composing blog posts to programming. However, their true potential lies in contextualization, achieved by either fine-tuning the model or enriching its p
is Google Docs secure
Your online data is incredibly valuable, particularly to companies like Google that use it to make money through ads. This, along with Google’s numerous privacy violations, has led many to question the safety of their information and find alternative