ProtonBlog

Swiss court ruling strengthens privacy for email providers

Since the founding of Proton in 2014, we have fought to advance privacy and freedom around the world. We do this not only through technology and advocacy (Proton has contributed over $500,000 toward defending these values around the world) but also through the courtroom. 

As part of these efforts, in May 2020, we launched a legal challenge against the Swiss government over what we believe to be an improper attempt to use telecommunications laws to undermine privacy. In a ruling this week, the Swiss Federal Administrative Court confirmed that email services cannot be considered telecommunications providers, and consequently are not subject to the data retention requirements imposed on telecommunications providers.

This comes on the heels of a Swiss Supreme Court ruling in April 2021 in a case brought by Threema (2C_544/2020) that ruled that instant messaging services are also not telecommunications providers. Together, these two rulings are a victory for privacy in Switzerland as many Swiss companies are now exempted from handing over certain user information in response to Swiss legal orders.

The bigger picture

We have chosen Switzerland as our home because we believe it provides strong legal privacy protections. We will, however, continue to watch developments in Switzerland and other countries and, if necessary, adapt to ensure that our jurisdiction of incorporation offers our community the best possible privacy protection. 

We are also watching several promising developments in the EU. In April 2014, the Court of Justice of the European Union (CJEU) struck down the EU’s data retention directive, stating it disproportionately interfered with the right to privacy and protection of personal data. The judgment was later confirmed by the CJEU in October 2020(new window), striking down several national applications of the directive by Member States (C-623/17, C-511/18, C-512/18, C-520/18).

We are also supporting the challenge led by Swiss digital rights groups(new window) against Swiss data retention laws at the European Court of Human Rights(new window). Given the past legal precedent set by the CJEU in 2014 and its confirmation in 2020, there are strong indications that the ECHR will definitively strike down Switzerland’s metadata retention obligations on telecommunications providers.

While we continue to push the legal and policy frameworks in our community’s interest, ultimately, the best protection we can provide users is through the laws of mathematics, which are unyielding and unchanging. Today, the privacy by default provided by Proton’s products is derived primarily from our usage of zero-access encryption and end-to-end encryption. Going forward, we will continue to double down on encryption and are committed to increasing and strengthening our use of encryption to provide users with the best possible privacy protection.

The fight continues

While this is an important legal victory for Proton and Swiss privacy, our work does not end here. We will also continue to closely watch developments in both Switzerland and other countries, and adapt as necessary to ensure that our legal jurisdiction offers the best possible privacy protection to users. We expect there to be further attempts to force tech companies to undermine privacy in both Switzerland and abroad, and we are committed to continuing to challenge this through both our encryption technology and through the judicial system.

Your support makes this work possible, and for that we’re forever grateful.

Proteja su privacidad con Proton
Crear una cuenta gratuita

Artículos relacionados

en
  • Lo básico sobre privacidad
Identity theft is a major sector of criminal activity. About 24 million people fell victim in the United States alone in 2021, costing them over $16 billion. Credit card fraud is the most common type, but criminals target all kinds of personal data.
en
Google is one of the biggest obstacles to privacy. The Big Tech giant may offer quick access to information online, but it also controls vast amounts of your personal or business data. Recently, more people are becoming aware of the actual price you
What to do if someone steals your Social Security number
en
If you’re a United States citizen or permanent resident, you have a Social Security number (SSN). This number is the linchpin of much of your existence, linked to everything from your tax records to your credit cards. Theft is a massive problem, whic
compromised passwords
en
  • Lo básico sobre privacidad
Compromised passwords are a common issue and probably one of the biggest cybersecurity threats for regular people. How do passwords get compromised, and is there anything you can do to prevent it? * What does compromised password mean? * How do pa
Is WeTransfer safe?
en
  • Lo básico sobre privacidad
WeTransfer is a popular service used by millions worldwide to send large files. You may have wondered if it’s safe or whether you should use it to share sensitive files. We answer these questions below and present a WeTransfer alternative that may su
what is a dictionary attack
en
  • Lo básico sobre privacidad
Dictionary attacks are a common method hackers use to try to crack passwords and break into online accounts.  While these attacks may be effective against people with poor account security, it’s extremely easy to protect yourself against them by usi