Thank you for your response @jonah. Seems it’s not totally outside the realms of possibility that – whether Proton can be forced to or not – they may have the means to determine (and store) the actual IP addresses of Proton Mail users who are using Proton VPN (without Tor).
Probably nothing for the vast majority of people to be hugely concerned about, but it’s a potential risk some adverse users may wish to consider.
Well, I (and Privacy Guides) always advocate for “technical” guarantees over “policy” guarantees. If Proton controls your network infrastructure from end to end, I think it’s fair to simply point out that you’re not protected from them attacking your network.
Proton generally agrees, which is why they say:
While we continue to push the legal and policy frameworks in our community’s interest, ultimately, the best protection we can provide users is through the laws of mathematics, which are unyielding and unchanging. Today, the privacy by default provided by Proton’s products is derived primarily from our usage of zero-access encryption and end-to-end encryption.
It’s plainly obvious that these protections are not the protections Proton VPN provides.
I think that VPNs are largely misunderstood tools, and that people should not grow accustomed to relying on them in situations where they aren’t suitable. VPN marketing already makes this far too confusing to consumers.
The difference between this situation and the hypothetical thread you proposed is that you would be saying PG actually is, which is not an evidence-based opinion, so to answer your question no it would not be allowed.
On the other hand, threads merely suggesting how PG could improve its trust and recommendations are frequently had here and are of course allowed.
No need to get so upset about it. Merely a discussion, and Johah makes a good point.
You just source and say law can change…
In that case it doesn’t matter if the laws change to log IPs in Switzerland or in the country of your VPN…and with that, using another VPN burdens the same theoretical risk…
If privacy laws change I have no doubt you would hear about it here.
Regardless, it was not a legal concern that was queried (and we have gone way off topic). I asked whether using Proton’s VPN along with their suite of products should be a privacy concern. Seemingly there could be an issue, perhaps one that is negligible for most, but it’s up to individuals to make their own decision on whether they want to accept any risk once it is highlighted to them.