Proton Mail Helped FBI Unmask Anonymous ‘Stop Cop City’ Protester

PROTON DOES NOT ACCEPT ANONYMOUS PAYMENTS

Proton claims to support anonymous payments, but they don’t for the following reasons:

A) They don’t accept Monero

Case in point:

I have said in the past that I personally understand Proton’s declared reasons for not accepting direct payments via Monero. I don’t hold it against them. But for the rest, I absolutely do.

B) Proton Cash Payments are not anonymous

Proton cash payments require that you declare your Proton username, which compromises your privacy. Many Proton usernames are linked to real names. When Proton receives a cash payment, a human agent has to manually add the payment to your account. Why? If I can pay Proton via credit cards without human interference reading my profile, why can’t I do the same with cash?

Plenty of privacy companies accept cash directly without requiring you to declare your username (Mullvad, IVPN, Posteo). Why can’t Proton copy their model? Or the model of Tuta and Addy, that accept cash indirectly?

C) Proton gift cards cannot be purchased anonymously

They cannot be bought with cash or Monero.

They can only be bought with credit cards or other cryptocurrencies that are NOT anonymous.

Do you know which privacy companies allow their gift cards to be bought anonymously with cash and Monero?

Tuta. Addy. SMS Pool. SimpleLogin.

Yes, Proton’s SimpleLogin allows their gift cards to be bought anonymously, since before they were acquired, and still Proton won’t follow that model.

All this is extremely poor implementation when you compare it to Proton’s competition who have been doing it well for years. It’s even more egregious that they are doing it right with SL but not with Proton native services.

There’s a bonus reason I won’t mention because I have been preparing a post about it since last year, and I’d rather share it when I have all the info I need. But I suspect someone will hit my bingo card.

I agree that it’s best to use the most private option available. Proton has more private options than credit cards, but the fact remains, as it stands, Proton does not accept anonymous payments.

PAYMENT RETENTION POLICY UNCLEAR:
PROTON, PAYMENT PROCESSING COMPANIES, & VIRTUAL CREDIT CARDS

Are you 100% sure about that?

That is not my understanding.

What about past PayPal transactions? Do you store the PayPal account’s details?

Indeed, it is unclear if deleted payment methods that have been used can be traced to the user.

The way I understand it, Proton does not keep a record of the cardholder name; in fact, I don’t even think it is required. They also do not keep a record of the full number of your credit card, just the last 4 digits. They do, however, keep a record of the country your credit card is from.

On the flip side, Proton’s payment processing companies, Stripe and Paddle, keep a record of all the digits in your credit card, as well as the country. I was told that both Proton and their payment processing companies keep a record of past payment info for up to 10 years.

Here’s what I don’t understand.

1) If Proton does not keep a record of the cardholder name and only the last 4 digits, how was the owner of the Proton account identified? Did Stripe provide the info?

If it was provided by Stripe, then it just goes to show that Proton’s minimum data retention policy for card payments is moot.

2) Can deleted virtual credit cards (VCC) be traced?

This is an important question to ask all VCC providers. Especially if you use them with Proton and other privacy services.

If I delete a VCC, is it actually deleted, in that my provider also loses all record of it?

Because if a deleted VCC can be traced, that is an issue. I intend to ask my provider, and I recommend you ask yours. And when they give you an answer, ask them to triple-check.

Too many times, I have been told things by customer service agents at my bank and even Proton that were bad information. This is why I always ask them to triple-check with colleagues and superiors.

Proton should follow Posteo’s example.

In 2009, they found a way to anonymize credit card payments.
I don’t see why Proton can’t do the same. Or why they didn’t start doing that from the very beginning since Proton Mail launched 5 years later, in 2014.

7 Likes

This person publicly associated the Proton Mail account they pay for with a personal credit card, on a public Facebook page associated with a questionable movement. They made the probable cause easy for the feds.

This is why you always operate as if you’re being watched, don’t wait till it’s confirmed you are being watched.

2 Likes

That doesn’t change the fact that Proton could have preemptively done more to protect its users. Many of Proton’s competition, which includes email providers, have better privacy for payments. See my two comments above. If Proton had followed their competition’s model, it would have been much harder for the FBI to identify that user through Proton, as they would have much less data to offer.

2 Likes

The way I understand Posteo’s approach, it relies on trusting them not to store the connection with PayPal and credit card payments, i.e. that they actively delete the connection.

With a system using blind signatures like Taler, it should be possible to cryptographically disconnect transactions and accounts.

What I want to say is, Posteo’s approach only protects against somebody trying to tie payment and account together retroactively. They could get forced to change it without users noticing.

A system using blind signatures could cryptographically guarantee to make a connection impossible.
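As an added illustration of the blind-signature idea in the post above (example code written for this thread, not code from Taler, Posteo or Proton): the issuer signs a voucher it cannot see, the buyer unblinds it, and the voucher is later redeemed without the issuer being able to match it to any purchase record. It uses textbook RSA with two constructed small primes and no padding, so it shows the unlinkability mechanism only; a real scheme would use a large key and a padded blind-signature construction such as RSABSSA.

```python
"""Toy RSA blind-signature voucher: purchase and redemption are unlinkable.

Constructed demo values: the key below is built from two known Mersenne primes
and is far too small for real use; no padding is applied to the hashed token.
"""
import hashlib
import secrets
from math import gcd

P = 2**61 - 1            # constructed toy prime
Q = 2**31 - 1            # constructed toy prime
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # issuer's private signing exponent


def to_int(token: bytes) -> int:
    """Hash a voucher token to an integer below N (textbook, unpadded)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N


def blind(token_hash: int):
    """Buyer: multiply by r^e for a random r; returns (blinded value, r)."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    return (token_hash * pow(r, E, N)) % N, r


def sign_blinded(blinded: int) -> int:
    """Issuer: signs the value it receives; it never sees the real token hash."""
    return pow(blinded, D, N)


def unblind(blinded_sig: int, r: int) -> int:
    """Buyer: strip the blinding factor; the result is a plain RSA signature."""
    return (blinded_sig * pow(r, -1, N)) % N


def verify(token: bytes, sig: int) -> bool:
    """Anyone with the public key can check the unblinded signature."""
    return pow(sig, E, N) == to_int(token)


class Issuer:
    """Service that sells vouchers against an account and later redeems them."""

    def __init__(self):
        self.issuance_log = []   # everything learned at purchase: (account, blinded value)
        self.spent = set()       # redeemed tokens, to reject replays

    def sell_voucher(self, account_id: str, blinded: int) -> int:
        self.issuance_log.append((account_id, blinded))
        return sign_blinded(blinded)

    def redeem(self, token: bytes, sig: int) -> bool:
        if token in self.spent or not verify(token, sig):
            return False
        self.spent.add(token)
        return True

    def can_link(self, token: bytes) -> bool:
        """Try to find the redeemed token in the purchase log; always fails,
        because the log holds only h * r^e for a random r the issuer never saw."""
        h = to_int(token)
        return any(blinded == h for _, blinded in self.issuance_log)


def buy_and_redeem(account_id: str = "CarefulMouse") -> dict:
    """Run one purchase, one redemption, one replay and one forgery attempt."""
    issuer = Issuer()
    token = secrets.token_bytes(32)                  # buyer's secret voucher token
    blinded, r = blind(to_int(token))
    sig = unblind(issuer.sell_voucher(account_id, blinded), r)
    return {
        "valid": issuer.redeem(token, sig),
        "replay_rejected": not issuer.redeem(token, sig),
        "forged_rejected": not issuer.redeem(secrets.token_bytes(32), sig),
        "linkable": issuer.can_link(token),
    }


if __name__ == "__main__":
    print(buy_and_redeem())
```

The point the post makes follows from the last line of the result: `linkable` is false by construction, not by policy, whereas a delete-the-link approach depends on the provider actually deleting.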

In case anyone is wondering how Tuta handles “anonymous” payments:

“Gift cards can only be purchased by customers who have provided credit card details or PayPal as a payment method.”
I assume these gift cards are the vouchers we can buy from ProxyStore.

===============================================
Under “How can I upgrade my Tuta account with cryptocurrency?” Tuta seems to be saying the exact opposite.

“We plan to add Bitcoin as a payment method to Tuta in the future. You can already buy Tuta gift cards with the cryptocurrencies Monero or Bitcoin or with cash via our partner Proxystore.”

“To redeem a gift card from Proxystore, please follow the instructions in Proxystore right after ordering the gift card. You will get a gift card link. When you use the link, you need to choose ‘Use existing account’ or create a new account, depending on where you want to apply the credit to. Once you have added the gift card, you can check the credit on your account under Settings → Payment. When upgrading your account, you can now choose ‘Account balance’ so that no payment details need to be linked to your Tuta account.”

=============================================
Finally we have “What payment methods does Tuta support?”

“When booking a paid subscription in Tuta, you can pay via Credit Card (Visa, Mastercard, American Express), via PayPal, or via bank transfer. Payment via bank transfer is only available for business customers in the EU. If you would like to pay your personal plan via bank transfer, please contact our sales team.”

No mention of crypto or gift cards.
It’s like the three sections of their FAQ were written by different people as company policy changed.

2 Likes

As a Swiss entity, Proton is subject to EU’s jurisdiction. They keep saying only Swiss law applies, but that’s incorrect as Quad9 found out.

Deeply unserious to simply regurgitate Proton’s marketing claims as some gospel of truth.

Quad9 has no office or standing in Germany (we are a Swiss entity), but due to the Lugano Convention treaty it was possible for Sony to serve an injunction in Switzerland and drag Quad9 into legal proceedings [in Germany].

Quad9 Turns the Sony Case Around in Dresden (2023).

The problem is the baseless and oft-times misleading marketing on the part of privacy providers themselves. There’s a lot of distrust [among people] because there’s a lot at stake. And when push comes to shove, businesses will do what they ought to do: protect their business interest at all costs, engage in posture talk, confuse deliberately, rather than be honest & direct.

2 Likes

What?! Re-read the link you shared. Only the transaction_id is deleted, whatever that means, and that too only from Mullvad’s databases, not from the payment provider’s, who may have it permanently stored for all we know.

Besides, Mullvad is clear that it keeps the rest of the payment information in its own database (regardless of whether the payment provider does or not) for around 7 years.

Certain payment data must be kept for the statutory retention period described in applicable local laws such as the Swedish Accounting Act (some information must be stored for seven years from the end of the fiscal year).

2 Likes

Services must follow the record keeping laws of where they do business, you cannot expect otherwise.

The point I’m making isn’t that there was purchase data retained. The issue is that you cannot de-associate the payment info from the account holder in Proton. There is a difference between “CarefulMouse uses Proton” and “CarefulMouse uses Proton and also their account name is XYZ”

Swap crypto to Monero, send to Monero wallet 2, swap Monero to BTC. Easy solution.

Yes, Proton should add Monero and be transparent on all the ways your anonymity could be broken since they advertise themselves as pro-privacy more than any other company. They only accept Monero for their “password manager” which just proves they are scared to add it to protonmail for legal reasons.

But it’s still the user’s responsibility to have good practices regarding their opsec, and to be informed on how they could be de-anonymized.

Switzerland is famously not in the EU.

2 Likes

:man_facepalming:

The [Lugano Convention] aims to achieve the same level of circulation of judgments between the EU countries and Switzerland, Norway and Iceland.

The [Lugano Convention] follows the present rules of the EU on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters between EU countries.

1 Like

Switzerland is not part of the EU and surely not part of the jurisdiction. You are highly misunderstanding the framework here.

Probably the best thing would be to create a new account and pay with cash or Monero. And don’t use any recovery method tied to your identity in any way. It would be a pain with Proton Pass, but you could transfer to another password manager and then back to Proton with a clean account.

Citation, please. Thanks.

Is Switzerland subject to Lugano? Proton Mail Helped FBI Unmask Anonymous ‘Stop Cop City’ Protester - #63 by ignoramous

If so, what does it mean for Swiss based companies like Quad9 who were dragged through court by Sony Germany?

1 Like

Not quite the same as being in the jurisdiction…

I guess we mean the same it just isn’t as straightforward as you made it seem.

Hopefully, these (and possibly other) lawyers have not “misunderstood the framework”. If they have, you probably stand a chance to correct them all.

The Lugano Convention (Convention on Jurisdiction and the Recognition and Enforcement of Judgments in Civil and Commercial Matters concluded in Lugano on 30 September 2007, “LugC”) regulates the Swiss recognition and enforcement of judgements in civil and commercial matters that have been rendered in a LugC member state. In addition to Switzerland, the member states are the European Union (and thus all EU countries) as well as Norway and Iceland. It is therefore the most important treaty for recognition and enforcement of private law civil and commercial decisions in Switzerland …


Edit:

We mean different? And if “it just isn’t as straightforward”, please back it up with citations, because you have created uncertainty and doubt in me.

1 Like

Your claim that Proton must directly follow orders from EU judges is incorrect. Proton ignores foreign requests unless validated through MLAT procedures by Swiss authorities. Article 271 of the Swiss Criminal Code prohibits direct cooperation with foreign entities.

I understand it works this way:

Foreign authority → Swiss Federal Police/Justice (MLAT) → Swiss judge approves → Proton provides the data it has.

This can also be read in Proton’s transparency report.

… The only legally binding requests are ones from the Swiss authorities. Under Swiss regulations, we cannot legally comply with foreign requests that are not supported by Swiss authorities (such as the ones addressed directly to us by foreign law enforcement authorities).

The complexity of these laws and international relations is one many lawyers earn good money on. It is not that simple.

Fun fact: you can also get such gift cards for Proton Pass and SimpleLogin. I would agree it would be nice if it were also available for Proton Mail, VPN, Drive etc.

1 Like