As Black Lives Matter protests continue to sweep across the U.S., your fellow protesters may be encouraging you to switch to new communication services. One of the names you might have seen thrown around is ProtonMail, the website that promises “secure email based in Switzerland” complete with an “end-to-end encryption” and “anonymous email.”
If these names sound confusing, well, that’s understandable. ProtonMail is one of many new alternative web services that promise advanced data privacy protection for users still learning the ropes to protecting their online communications. But is it the right choice for you? It depends on who you are, what you’re doing, and whether you’re at risk of serious harm. Read on for all things ProtonMail, including the Daily Dot’s ProtonMail review.
What is ProtonMail?
ProtonMail is a privacy-oriented email service from Proton Technologies AG, a non-profit organization based in Switzerland and run by European Organization for Nuclear Research scientists. Proton Technologies is best known for ProtonMail, although there are other Proton applications, including a VPN, a calendar, and a cloud drive. Of these, the latter two are still in development.
ProtonMail first arrived in beta in mid-2014, and over the past six years, the email service has become popular with journalists, sex workers, and data privacy activists. ProtonMail offers several security features that appeal to these vulnerable groups, including “encryption at rest,” or emails encrypted when in a user’s inbox, and “zero-access encryption,” preventing ProtonMail from decrypting and reading emails.
“Data is encrypted on the client side using an encryption key that we do not have access to. This means we don’t have the technical ability to decrypt your messages, and as a result, we are unable to hand your data over to third parties,” ProtonMail writes. “With ProtonMail, privacy isn’t just a promise, it is mathematically ensured. For this reason, we are also unable to do data recovery. If you forget your password, we cannot recover your data.”
Danielle Blunt, a founding member of sex worker advocacy group Hacking//Hustling, switched to ProtonMail right before SESTA-FOSTA went into law in 2018. Blunt said she likes how ProtonMail provides “a little extra privacy” when communicating with clients and engaging in organizing work.
“I like that [Proton] is a Swiss company and has a history of protecting users’ privacy,” Blunt told the Daily Dot. “Even if they were forced by Swiss law to hand over contents of my email, it would be useless because they would be unable to decrypt them without my password.”
Why is encrypted email important?
In operational security (or OPSEC), there are two forms of text available on the internet: plaintext and ciphertext. Plaintext is your average communications material readily available and accessible by an internet user. For example, this article is in plaintext. Ciphertext is created with an algorithm that encrypts text, thus making it impossible to read without a passcode. Here’s an example of what encrypted text looks like:
Head over to Encryption Generator on Text Mechanic, type in “The Daily Dot” as the password, press “decrypt,” and read the message. Congratulations! You just decrypted ciphertext into plaintext. At its core, this is how encryption works.
In OPSEC, private communication services stand on a tripod: privacy, security, and accessibility. User experience designers must navigate these three needs. Because it’s largely impossible to maintain privacy and security with accessibility, most services trade some parts for others. The Tor browser, for example, is highly secure and private, but it’s not as fast as Firefox or Chrome.
ProtonMail stands out in part because it’s accessible, private, and secure. All emails are encrypted when they aren’t in transit, and encryption between ProtonMail users is handled as soon as you send a message. The web client feels natural if you’re already familiar with email interfaces beyond Gmail, too.
However, ProtonMail’s accessibility has its limits. Older and younger tech users may be solely familiar with Gmail and have less prior knowledge navigating a separate email client like ProtonMail. This is just one problem Women of Sex Tech Vice President SX Noir points to. A ProtonMail user herself, Noir switched to ProtonMail on the advice of sex workers after SESTA-FOSTA passed. At the time, there was a “huge migration” from public email services like Gmail to private, encrypted services like ProtonMail, she told the Daily Dot. The move came because users working with and discussing sexual material and the sex industry were concerned their accounts would be pulled, which is part of a much larger problem regarding who gets to use the public internet without fear, and who risks account deletion for being themselves.
“As we know there’s a morality judgment as to how and why you can navigate public spaces in digital space,” Noir said, “and that in a post-SESTA-FOSTA world, it was very clear that this moral judgment could mean account deletion, and at the very worst, prosecution around what you’re discussing in your Gmail.”
Since then, many sex workers have transferred back from ProtonMail to Gmail, she explained. That’s because there is more than meets the eye with ProtonMail.
Is ProtonMail worth it?
This reporter has used ProtonMail for approximately two years to speak with sources on and off the record and carry out day-to-day administrative communications. While the technology behind ProtonMail may seem confusing, the Proton team has done plenty of back-end legwork for a clean, efficient, and user-driven emailing experience. ProtonMail still expects the user to have a strong working knowledge of what encryption is and how email works, but most technologically-inclined internet users have the skills they need to get started with their ProtonMail switch. And for power users, yes, you can even access ProtonMail on the darknet via the Tor Browser.
In terms of privacy and security, Proton’s servers are based in Switzerland, which has traditionally privacy-friendly data laws, and emails that are not in transit are encrypted. Paid users can also download the ProtonMail Bridge to access their mail on desktop clients like Mozilla’s Thunderbird, which handles encryption and decryption without having to open a web browser. It’s a fantastic way to minimize a security breach from a potential web exploit on another site.
But ProtonMail has some drawbacks that might not be so obvious to the untrained eye. Encrypted emails do not have encrypted subjects, which means anyone who can access your email metadata can see what you’re corresponding about. This means if you’re under investigation by law enforcement in the U.S., your email metadata may be handed over to investigators. Additionally, ProtonMail offers end-to-end encryption between ProtonMail users, but your emails won’t be end-to-end encrypted between, say, a Gmail and ProtonMail user unless you use the encrypt for outside feature. This may be confusing to newcomers, Anarcho-Tech Collective NYC warns, because ProtonMail’s marketing sets up users to believe they are more secure than they really are.
“Users need to understand that […] the content of their message [to a Gmail user] is encrypted when traveling from the sender’s web browser to ProtonMail, then decrypted when it arrives at ProtonMail’s computer, then re-encrypted for transit to Google, then decrypted again when it arrives at Google’s computer, then re-encrypted for transit from Google to the recipient’s smartphone app or web browser, and then decrypted again so the recipient can read it,” the collective writes. “Sadly, this just isn’t what most people think is happening when they send ‘secure email’ from ProtonMail to their friends using other providers, which seems to be exactly what ProtonMail wants.”
ProtonMail had an enormous learning curve for sex workers’ clients, Noir explained. Many clients are not technologically literate, so it was difficult to explain why end-to-end encryption is important for the provider’s safety. White tech users may assume all ProtonMail users have the same working knowledge of OPSEC, too, because white privilege grants white tech users access to research, guidance, and opportunities required to understand how services like ProtonMail work. Meanwhile, Noir says, Black folks navigating digital spaces may not know the risks and benefits of these technologies “because we’ve never been introduced as to why.”
“To my best understanding, marginalized groups who are having conversations that are typically criminalized, for example sex work or doing political organizing, are punished far more than others because there’s a moral decision as to if they’re accepted in these [public online] spaces or not,” Noir said. “So I will say that groups who are more criminalized for simply being themselves—Black, brown, and queer people—encryption benefits them because they’re able to have private conversations about their lives.”
Like all software designed for your data privacy, ProtonMail is only as secure as its weakest link. This includes human error, too. Blunt warns ProtonMail may give users a false sense of security that prevents them from realistically navigating data privacy. She encourages users to “avoid putting anything illegal in writing, in any capacity,” as an encrypted message can still be forwarded to an unencrypted user. Instead, using coded language and communicating in hypotheticals (particularly in the third-person) are all ways to protect oneself online. But if you’re able to account for these concerns, ProtonMail has a free sign-up process, cheap upgrades, and accessible user interface. It’s certainly worth your time and does provide security. Just be realistic about the trade-offs.
“All there is is harm reduction, and I think that ProtonMail is a good harm reduction practice,” Blunt said. “I’d encourage folks who are new to ProtonMail to read about it and learn what the service provides and doesn’t provide.”
Is there a ProtonMail app?
Yes! ProtonMail’s mobile app is available for both iOS and Android. The ProtonMail app is streamlined in nature to make it easy to access mail on the go. Desktop users can also turn their desktop mail client into a makeshift ProtonMail app using the Proton Bridge, provided they have a compatible program such as Mozilla Thunderbird.
ProtonVPN is ProtonMail’s virtual private network, or VPN. This service lets users hide their identity by connecting to the internet through a server separate from their internet service provider. This makes it harder for ISPs to track what you’re doing, where, and when, because all information on site visits are held by the VPN, and connections themselves are encrypted. For instance, if you try to access OnlyFans through your Verizon internet connection, your ISP knows where you connected from and where you’re going. But if you access OnlyFans with ProtonVPN, Verizon only knows that you’re accessing ProtonVPN.
In terms of features and usability, ProtonVPN has a significant number of servers, including several that run through Tor Relays for increased security. ProtonVPN’s Plus membership will let you access these servers. Before getting started, bear in mind that ProtonVPN is still relatively new. Additionally, reviewers at Wirecutter reported issues with customer support and a PayPal dispute. And while VPNs are useful, they are primarily a form of harm reduction because public internet spaces are not friendly to marginalized folks and political dissidents. In the long-term, VPNs are a band-aid over a much bigger issue: the erosion of online privacy.
“It’s [a] very privileged perspective to say that you don’t need privacy or security because you’re not doing anything ‘wrong,’ when we know for a fact that ‘wrong’ tends to be a moral judgment based off of white, male perspectives in the technology space,” Noir said. “So it’s vital for Black, brown, and queer people to have a space where they can live their authentic truth that historically has been a moral judgment of being ‘wrong,’ not being ‘good.'”
What are good ProtonMail alternatives?
Some alternatives to ProtonMail provide even more enhanced security than others. Tutanota is a free end-to-end encrypted email service that only requires users to create a password for their new account. Free users receive 1 GB of storage. Criptext relies on the Signal protocol, although you must provide a recovery email and can only receive messages while signed into at least one device. MsgSafe.io, meanwhile, is based in Panama and offers encryption at rest, although it does not offer a two-factor authentication option. For more alternatives, visit That One Privacy Site and PrivacyTools.
I’m a whistleblower looking to chat with the press. Is ProtonMail a good way to get in touch?
The short answer: It depends. ProtonMail lets users send end-to-end encrypted messages to each other that cannot be decrypted by a non-recipient, even if a civil suit requests emails or Swiss law enforcement forces Proton to hand over correspondence. In that regard, ProtonMail is incredibly secure.
However, there are limits to ProtonMail’s capabilities. The site warns that it cannot encrypt metadata such as email subjects or recipients, and if a state power institutes a man-in-the-middle attack on a ProtonMail user, that user may be vulnerable. And of course, if your device is compromised, you’ve been phished, or someone hijacks ProtonMail’s encryption code in its servers in Switzerland, end-to-end encryption won’t necessarily help.
There are other risk factors to consider, too, such as whether your identity may be compromised while using ProtonMail. For example, law enforcement may be able to identify your email based on any credit card purchases you’ve made with Proton or if you’ve linked personal identifying information, such as a phone number.
In other words, ProtonMail is fantastic if you’re dealing with information that may be compromising to a non-state entity. But #BlackLivesMatter protesters should be cautious when using ProtonMail specifically to discuss protest activity or long-term organizing. At the very least, consider taking your correspondence from ProtonMail to another service like Signal. And in the meantime, ask yourself why these marginalized groups need harm reduction practices in the first place, and how the internet can be remade for more than just white, male, cishet users.
“What would the need for a sex worker or a Black, brown, and queer person to have to hide their locations? What are we trying to protect ourselves from? And how can the space that we are trying to protect ourselves from be better designed to help us?” Noir said. “And to not only help us, but so that we’re able to navigate the space the same way other people are?”
CryptoHarlem founder Matt Mitchell contributed additional insight into ProtonMail security and Tutanota.