I know there are plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)

        • kadu@lemmy.world
          0·
          4 hours ago

          Any compliant commercial service will share user data with authorities - you don’t get to operate a company and skip local laws. That’s a non argument.

          What’s important is what “user details” they had on hand to share. If I create my service in such a way that I have zero data about you except some random useless string, I can “hand over all user data” to authorities and it would mean absolutely nothing for your privacy.

          • pyre@lemmy.world
            0·
            3 hours ago

            except they shared the IP address of an account even though they state “No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first.” on their homepage

            • UltraMasculine@sopuli.xyzEnglish
              0·
              2 hours ago

              If I understood correctly from Proton’s privacy policy, VPN does not log IP addresses but at least in some circumstances Mail does. This is from their privacy policy:

              Due to limitations of the SMTP protocol, we have access to the following email metadata: sender and recipient email addresses, the IP address incoming messages originated from, attachment name, message subject, and message sent and received times.

              One thing must be remembered: Even Proton must follow the law and rules.

            • andronicus@lemmy.world
              0·
              2 hours ago

              It’s right there in your copy-paste my dude, “BY DEFAULT”.

              The jackass(es) who actually was at risk went the extra step to enable IP address logging, which means that when Proton had to comply with a lawful court order, they actually had data to give.

              Proton is a company like any other that has to comply with laws in the country they operate in, but unlike a lot of other companies, they don’t log data UNLESS YOU ASK THEM TO.

              Moral of the story is, like has oft been repeated, know your threat model and plan appropriately.