Privacy wins 2021

As we come to the end of Data Privacy Week, it’s important to take stock of our progress. Yes, building an internet where privacy is the default is hard work, and yes, we still have a long way to go, but there were promising developments in 2021 for the internet and the globe. Here are 10 of the biggest privacy wins from last year.

Demand for online privacy grew

If people do not demand online privacy, we will never be able to build a more private internet. New privacy-focused tools can be launched, new data privacy laws can be passed, and governments can even go after the worst abusers of personal data, but in all these cases, governments and markets are following the preferences of the people.

Fortunately, 2021 demonstrated that people are choosing to protect their personal data in ever-increasing numbers. Hopefully, we’ll look back and say that 2021 was the year when a privacy-by-default internet became inevitable. 

Proton passes 50 million signups

In 2021, we passed 50 million signups for our encrypted services. As an organization that began as a crowdfunded project seven years ago, this shows just how far privacy has come.

Read about our journey over the past seven years (new window)

DuckDuckGo averages 100 million queries a day

DuckDuckGo’s search volume grew by 47% in 2021, and it averaged over 100 million queries a day for the first time in November 2021. Each search on DuckDuckGo prevents Google from sweeping up even more data. 

Read about DuckDuckGo in 2021(new window)

Millions of people choose Signal

Early in 2021, WhatsApp announced it would be changing its privacy policy, which alerted people to how much data it is already sharing with Facebook (now Meta). This new privacy policy, coupled with a global Facebook outage across all its services in October 2021, drove millions of people to sign up for the more private Signal messaging app.

Read about people flocking to Signal(new window)

It became easier for people to protect more of their data

Proton is leading the fight for an internet where privacy is the default, but we’re not the only organization working to protect your data. In 2021, several new products were released that will let you protect more of your data. The more data that is protected, the more private we all are.

Brave and launch Google Search replacements

At this point, it is no secret that Google spies on anyone that uses its services. But Google Search is still the most popular search engine by a wide margin. Many of its rivals even rely on its index to provide you with results. But in 2021, Brave and both released public betas of new search engines that will take on Google. 

Brave Search uses its own independent web index to populate its results. It doesn’t track your queries and shows you why it ranked your results in that specific order. lets you search without sharing your IP address and uses AI to summarize the results it thinks you want without showing you targeted ads.

Read more about Brave Search(new window)

Read more about window)

Signal now lets you video call up to 40 people

As an end-to-end encrypted service ourselves, we have long admired Signal, the end-to-end encrypted chat service. In 2020, Signal introduced end-to-end encrypted group calls, which was already a big step forward. In 2021, they increased the limit of people on a group call from 5 to 40. It’s never been easier to ensure your big group calls stay private.  

Read how Signal applied end-to-end encryption to its group calls(new window)

Countries around the world passed new privacy laws 

While privacy legislation is not always flashy, without strong data privacy laws, companies are free to collect and abuse your data. Governments around the world are finally starting to take action.

South Korea forces Apple and Google to allow alternative payment systems

Even among Big Tech, it’s harder to find bigger or more powerful companies than Apple and Google. A large part of this power is based on their absolute control over the app markets on iOS and Android smartphones. This control insulates them from competition and allows them to dismiss calls for increased privacy protection from the public. The South Korean government is forcing Apple and Google to open up their app stores to alternative payment systems to break up their monopolistic power. Enforcement has been tricky, but this is an important and groundbreaking step toward a more fair and private internet.

Read about South Korea’s bill requiring third-party payment systems in app stores(new window)

The US government shows signs it will take on Big Tech

In 2021, the US government appointed Lina Khan and Alvaro Bedoya to the FTC, both outspoken critics of Big Tech’s anticompetitive practices and data privacy abuses (Lina Khan has since been confirmed by the Senate). As the saying about political appointments goes, “Personnel is policy”, and these appointments sent Big Tech a clear signal to expect vigorous scrutiny of their monopolistic behavior and privacy violations.

Read about Lina Khan’s confirmation as chair of the FTC(new window)

Read about Alvaro Bedoya’s appointment to the FTC(new window)

Quebec and Virginia pass new privacy legislation

Privacy is a human right, but there are not always laws that guarantee its protection. And even when there are, those laws are often outdated and don’t really apply to the data abuses we see on the internet. Both the Canadian province of Quebec and the US state of Virginia passed new data privacy laws similar to the GDPR and California’s Consumer Privacy Act.

Read about Quebec’s Bill 64(new window)

Read about Virginia’s Consumer Data Privacy Act(new window)

Governments took on surveillance and abuse of personal data

Having rules on the books is one thing, backing them up with strong enforcement is another. For too long, companies that use their services to spy on people have been able to get away with their abusive practices. But there has been an overwhelming outcry for privacy protection from people around the world. It has led to new privacy legislation, and it has caused governments to go after the worst data abusers.

The two largest-ever GDPR fines were handed out for privacy abuses

It may have taken a while for European data protection agencies to get up and running, but they are now punishing privacy abuses with fines that will start to get even Big Tech companies’ attention. Ireland’s data protection agency fined WhatsApp €225 million for its opaque and misleading privacy policy, and Luxembourg’s data protection agency fined Amazon €746 million for failing to follow GDPR regulations for processing data.

Read about WhatsApp’s GDPR fine(new window)

Read about Amazon’s record-breaking GDPR fine(new window)

The US government sanctions the NSO Group

The NSO Group sells spyware that can be used to break into people’s devices and monitor who they talk to, what they say, where they are, and more. NSO’s spyware was found to have been used to spy on over 180 journalists, including reporters, editors, and executives at the Associated Press, CNN, Financial Times, France 24, Reuters, The Economist, and The New York Times. As a result, in November 2021, the US government introduced sanctions against the company and several other spyware purveyors.

Read more about the sanctions the NSO Group faces(new window)

So what do you think? Did we miss any big privacy wins from 2021? What do you think will be the biggest privacy wins for 2022? Let us know what you think on Twitter(new window), Facebook(new window), Reddit(new window), or Linkedin(new window).

UPDATE 31 January 2022: Telegram was removed as an alternative to WhatsApp as only certain chats are end-to-end encrypted, making it a less of a privacy-focused choice than Signal. Read more about the best WhatsApp alternatives(new window).

Protect your privacy with Proton
Create a free account

Related articles

proton scribe
Most of us send emails every day. Finding the right words and tone, however, can take up a lot of time. Today we’re introducing Proton Scribe, a smart, privacy-first writing assistant built right into Proton Mail that helps you compose and improve yo
People and companies are generally subject to the laws of the country and city where they are located, and those laws can change when they move to a new place. However, the situation becomes more complicated when considering data, which can be subjec
Your online data is no longer just used for ads but also for training AI. Google uses publicly available information to train its AI models, raising concerns over whether AI is even compatible with data protection laws. People are worried companies
iPhone stores passwords in iCloud Keychain, Apple’s built-in password manager. It’s convenient but has some drawbacks. A major issue is that it doesn’t work well with other platforms, making it hard for Apple users to use their passwords and passkeys
There are many reasons you may need to share passwords, bank details, and other highly sensitive information. But we noticed that many people do this via messaging apps or other methods that put your data at risk. In response to the needs of our com
Large language models (LLMs) trained on public datasets can serve a wide range of purposes, from composing blog posts to programming. However, their true potential lies in contextualization, achieved by either fine-tuning the model or enriching its p