Updated November 9, 2023
We are often asked why Proton(new window) is based in Switzerland and whether there are real advantages to being a Swiss company. We believe there are several good reasons to call Switzerland home, and this article explains why.
Proton’s roots are in Proton Mail(new window), which began at the European Organization for Nuclear Research (CERN) in Geneva, where many of our early team members worked together on particle physics experiments. Thus, Proton Mail was born in Switzerland back in 2014. When we investigated the legal considerations about where to establish our growing service, it became clear that Switzerland was in fact a hospitable location for a tech company focused on privacy.
Unless you host your servers on a boat in international waters, you must be under some legal jurisdiction. Choosing one is particularly important because, as the Lavabit example(new window) shows, local laws can have an existential impact on the service. Given that we serve users with highly sensitive privacy and security requirements from around the world, Switzerland, being outside of US and EU jurisdiction, has the advantage of being a neutral location.
Switzerland also has a long history of privacy and security, dating back over a century, and its laws are much more protective of individual privacy rights. In the US and EU, gag orders can be issued to prevent an individual from knowing they are being investigated or under surveillance. While these type of orders also exist in Switzerland, the prosecutors have an obligation to notify the target of surveillance, and the target has an opportunity to appeal in court. There are no such things as National Security Letters, and all surveillance requests must go through the courts. Furthermore, while Switzerland is party to international assistance treaties, such requests for information must hold up under Swiss law, which has much stricter privacy provisions.
We’ve also fought to ensure that Switzerland remains a legal jurisdiction that respects and protects privacy. Nearly every country in the world has laws governing lawful interception of electronic communications for law enforcement purposes. In Switzerland, these regulations are set out in the Swiss Federal Act on the Surveillance of Post and Telecommunications (SPTA), which was last revised on March 18, 2018. In May 2020, we launched a legal challenge against the Swiss government over what we believed was an improper attempt to use telecommunications laws to undermine privacy. In October 2021, The Swiss Federal Administrative Court ultimately agreed with us and ruled that email companies cannot be considered telecommunication providers(new window). This means Proton Mail isn’t required to follow any of the SPTA’s mandatory data retention directives, nor are we bound by a full obligation to identify Proton Mail users. Moreover, as a Swiss company, Proton Mail cannot be compelled to engage in bulk surveillance on behalf of US or Swiss intelligence agencies(new window).
While Proton Mail benefits from strong legal protections within Switzerland, we have also built in technological safeguards against surveillance, such as utilizing end-to-end encryption. We do not possess the keys required to decrypt users’ emails. Even emails between non-Proton Mail accounts cannot be decrypted on our servers thanks to our use of zero-access encryption(new window). As a result, even if Proton Mail was forced to turn over all our computer systems, email contents will continue to be encrypted. These technical safeguards are the strongest privacy protections because unlike national laws, the laws of mathematics cannot be changed or altered.
We believe comprehensive security can only be achieved through a combination of technology and legal protections, and Switzerland provides the optimal combination of both. Because of Switzerland’s advanced IT infrastructure and its unique legal environment, Proton Mail can deliver a service that is both reliable and secure.
For more information about Internet surveillance in Switzerland and requests for information made to Proton Mail, please view our Transparency Report.
