[TheRecord] ProtonMail forced to collect an activist’s IP address in police investigation

Switzerland-based email provider ProtonMail said it was forced to log the IP address of one of its customers after it received a legally binding order from the Swiss government that it couldn’t legally appeal or decline.

The incident, which came to light over the weekend, has caused some unrest among the company’s users as ProtonMail had boasted numerous times in its public marketing campaigns about its no-log policies.

However, in a Reddit comment on Sunday and in a blog post published earlier today, ProtonMail said it was cornered by Swiss authorities earlier this year.

Case related to anti-gentrification protests in France

The incident is a complex one and is related to a series of anti-gentrification protests that took place in Paris in the summer and fall of 2020 when a group of activists named Youth for Climate forcibly occupied a series of squares and buildings in the Paris district of Place Sainte Marthe, in order to protest companies buying real estate and hiking up rent prices up to four times for local residents.

The group apparently used a ProtonMail email address to organize their protests (jmm[redacted]@protonmail.com), a detail that came to the attention of the real estate companies and French police, which was called in to evacuate the group and investigate its members.

Last week, the website Paris Luttes (Paris Struggles) revealed that French police worked through Europol to contact the Swiss government and asked for help in obtaining details about the email address owner’s identity.

ProtonMail said it couldn’t fight the legal order

“In this case, Proton received a legally binding order from the Swiss Federal Department of Justice which we are obligated to comply with,” a ProtonMail spokesperson wrote on Reddit over the weekend.

The order effectively forced the company to log the IP address used by the French activist to log into their ProtonMail inbox.

“There was no legal possibility to resist or fight this particular request,” ProtonMail CEO Andy Yen said earlier today.

“Under Swiss law, it is also obligatory for the suspect to be notified that their data was requested, which is not the case in most countries,” he added.

However, the ProtonMail CEO said that an accompanying gag order also prevented the company from disclosing this incident to the user while the investigation was underway.

On the other hand, Yen also highlighted that despite the fact that they were forced to comply with Swiss law, the Swiss legal system is far more robust than the legal systems of other countries.

“The Swiss legal system, while not perfect, does provide a number of checks and balances, and it’s worth noting that even in this case, approval from 3 authorities in 2 countries was required, and that’s a fairly high bar which prevents most (but obviously not all) abuse of the system. […] Finally, Switzerland generally will not assist prosecutions from countries without fair justice systems,” the ProtonMail CEO added.

Yen said ProtonMail encryption was not bypassed in the investigation.

He also said that email and VPN services are treated differently in Switzerland, and authorities can’t use the same legally binding order to force the company to log the details of its VPN product.

Either way, the entire incident left a bad taste for most of the company’s users.

With several ransomware gangs having abused ProtonMail addresses to ransom victims for more than half a decade, most users are upset that Swiss authorities decided to help an investigation related to a climate activist rather than one related to a ransomware group.

Hol’ up…

So France police manages to get ProtonMail to release information about /climate activists/?

Good thing they don’t take ransomware that seriously, I guess 🤷‍♀️

— E (@nemesis09) September 6, 2021

The post ProtonMail forced to collect an activist’s IP address in police investigation appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Apple Ships iOS 15 with MFA Code Generator

All posts, Security Week

Apple on Monday rolled out a major refresh of its flagship iOS mobile platform, adding a built-in two-factor authentication code generator and multiple anti-tracking security and privacy features. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SecurityWeek] Consumer Group Lodges EU Complaint Against WhatsApp

All posts, Security Week

The European Consumer Organisation announced Monday it had lodged a complaint with the European Commission against Facebook’s attempt to modify the terms of service for the WhatsApp messenging service. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[TheRecord] DDoS botnets, cryptominers target Azure systems after OMIGOD exploit goes public

Threat actors are attacking Azure Linux-based servers using a recently disclosed security flaw named OMIGOD in order to hijack vulnerable systems into DDoS or crypto-mining botnets. The attacks, which began on Thursday night, September 16, are fueled by a public proof-of-concept exploit that was published on the same day on code hosting website GitHub. The […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.