To be completely fair, there are good arguments against Proton’s behavior here.
- They don’t make it clear anywhere during the process to add a recovery email how that data is stored. It is not unreasonable for a non-tech person to assume everything is encrypted at an encrypted email service, so Proton is not helping people make good opsec decisions. Even a simple line like “share a recovery email address with Proton” would be an improvement. “Set account recovery methods” is less obvious.
- Proton uses dark patterns to get people to add a recovery email to their account. The statement they published after this story broke makes it sound like adding a recovery email is an exception to their “privacy by default,” when in fact they really push for having a recovery email to be the norm.
None of this changes anything about Proton’s service and how good it is, but all products can be improved.