Proton

Correcting misconceptions about the White House’s use of encryption and Proton Mail

As a matter of policy, we never comment on individual accounts, so we will not confirm nor deny the authenticity of this account. And while we were hoping to not have to comment at all, after two days of silence, there are some misconceptions(new window) that we now feel are necessary to correct.

Don’t be a password idiot

First of all, just to get it out of the way, don’t be a password idiot. Do not write your password down on a piece of paper and then lose that piece of paper. Also, enable two-factor authentication. Without good password practices, no amount of encryption will keep your data secure. We highly recommend reading our email security guide. In other words, don’t be this guy:

A White House staffer wrote his encrypted email password on White House letterhead and then left it at a bus stop https://t.co/7cpgAuflMw(new window) pic.twitter.com/qJ1Xsqg0G7(new window)

— Sam Biddle (@samfbiddle) March 17, 2018(new window)

Wanting more security is not suspicious

It is incorrect to say that using Proton Mail implies you have “something to hide.” Proton Mail provides more security and privacy compared to Gmail or other email services, and security is desirable for practically anyone that uses the internet.

What makes Proton Mail more secure is that we use zero knowledge encryption and end-to-end encryption, which means that we do not have access to your emails, and an adversary which breaches our systems also cannot decrypt the emails stored on our servers. We cannot read your emails, we cannot share data with third parties, and we do not do business with advertisers who want your data. We comply fully with both Swiss and EU privacy regulations, including the upcoming GDPR legislation.

Encryption doesn’t prevent the creation of records

There is a broadly held misconception that encryption is being used to prevent the creation of government records. This is technologically incorrect. Encryption does not prevent the creation of records. If anything, it is an important tool for improving the security of records.

As it pertains to the Trump administration’s use of Proton Mail, the actual issue is whether or not non-governmental accounts are (allegedly) being used for government work. This is an entirely separate issue that has nothing to do with encryption, and it is a mistake to confuse the two.

It is also important to note that it is not illegal for government officials to possess private email accounts (Proton Mail or otherwise) for personal use, and the presumption should be innocent until proven guilty.

Encryption is not about hiding, it is about securing

Encryption by itself generally does not permit a government official to hide communications. Emails, encrypted or not, can be subject to subpoenas. The difference is that when it comes to encrypted emails, it is not possible to obtain them from the service provider, and instead the subpoena must be served to the individual or organization under investigation. This is the way that things should be, and is far better than the alternative (prohibiting the use of encryption), which would weaken security for everyone, treat all users as guilty until proven innocent, and leave data vulnerable to leaks and breaches.

Concluding thoughts

Like all services, Proton Mail can be used both legally or illegally, but there is nothing out of the ordinary with possessing an account. Millions of people use Proton Mail, including journalists, activists, doctors, lawyers, businessmen, and people from all walks of life. Our technology is used to protect online freedom, keep societies democratic(new window), and provide improved cybersecurity. While we may not always agree with all of our users, we are committed to keeping Proton Mail accessible to all who use it in a lawful manner.

Related articles

A cover image for a blog describing the next six months of Proton Pass development which shows a laptop screen with a Gantt chart
Take a look at the upcoming features and improvements coming to Proton Pass over the next several months.
The Danish mermaid and the Dutch parliament building behind a politician and an unlocked phone
We searched the dark web for Danish, Dutch, and Luxembourgish politicians’ official email addresses. In Denmark, over 40% had been exposed.
Infostealers: What they are, how they work, and how to protect yourself
Discover insights about what infostealers are, where your stolen information goes, and ways to protect yourself.
Mockup of the Proton Pass app and text that reads "Pass Lifetime: Pay once, access forever"
Learn more about our exclusive Pass + SimpleLogin Lifetime offer. Pay once and enjoy premium password manager features for life.
A cover image for a blog announcing that Pass Plus will now include premium SimpleLogin features
We're changing the price of new Pass Plus subscriptions, which now includes access to SimpleLogin premium features.
Infinity symbol in purple with the words "Call for submissions" and "Proton Lifetime Fundraiser 7th Edition"
It’s time to choose the organizations we should support for the 2024 edition of our annual charity fundraiser.