Are Proton Contacts private?

Although they can’t be easily synced to and from your mobile devices, Proton contacts are still useful, especially as a way to easily backup your contacts.

However, they’re not fully encrypted. Everything except the name and email address are encrypted.

Proton’s explanation for not encrypting email addresses is:

The name and address fields are not encrypted (although they are digitally signed – see below). This is so that we can actually send and receive the emails.

(and later on:)

In order to do email filtering, we do not encrypt email addresses – doing so also does not significantly improve privacy because as an email service, we necessarily must know who you are emailing in order to deliver the message.

Are Proton Contacts still private?

1 Like

makes sense.

following.

I disagree with the reasoning of proton that this can’t be encrypted. Surely it will be needed on sending, but I do not send emails to all the contacts I have.

Neither does the name need to be sent along, so that’s kinda BS.

2 Likes

I think this is where spam filtering comes in.

If this was not a thing, you’d get internal spam from within Proton and if the entire field remains encrypted and they cannot suspend the offending account with confidence. They’d rely on reports that could be falsified because there will be no easily verifiable(?) proof on their side. Lets say I dont like you in this scenario: I could get other 50+ accounts to report you as a spammer. Proton could manually check it, but not at scale, when thousands of reports could be sent per day.

2 Likes