
Response to false statements on surveillance made by Martin Steiger - BafS
https://protonmail.com/blog/martin-steiger-false-statements/
======
Quanttek
Martin Steiger also responded. Addendum 2 in his blog article [1]:

Tonight, on 29 May 2019, ProtonMail responded to this article with a blog post
entitled „Response to false statements on surveillance made by Martin
Steiger“. (This article was published on 23 May 2019 and not „earlier today“
as claimed by ProtonMail.)

ProtonMail claims that this article is „factually incorrect“ and states first
and foremost that it does not voluntarily offer assistance for real-time
surveillance. Apart from that, ProtonMail does not respond to the many points
raised in this article.

ProtonMail essentially refers to my addendum, where I point out that the
public prosecutor in question contacted me, saying he had been misquoted.
ProtonMail of course „forgets“ to quote my full addendum and shows an
incomplete screenshot of my addendum. ProtonMail quotes only the part with the
public prosecutor’s claim and not my explanation why I am confident that the
public prosecutor was not misquoted. ProtonMail also claims that the addendum
is „hidden at the bottom of Mr. Steiger’s article“, although it is linked
right at the beginning of this article.

In a direct email to me, ProtonMail’s legal department confirmed that real-
time monitoring could be carried out. The legal counsel of ProtonMail now
argues that ProtonMail is after all a provider of derived communication
services and that having to tolerate surveillance carried out by the Swiss
Federal Post and Telecommunications Surveillance Service (PTSS) according to
Art. 27 para. 1 SPTA is equal to an obligation for real-time surveillance. In
addition, ProtonMail threatens to take legal action for defamation pursuant to
art. 174 of the Swiss Criminal Code.

As mentioned above, the SPTA provides neither for providers of derived
communications services without more extensive surveillance obligations nor
for telecommunications service providers with reduced surveillance obligations
an obligation for real-time surveillance. As also mentioned above, ProtonMail
used to claim to be a telecommunications service provider with reduced
surveillance obligations. In either case, there is no obligation for real-time
surveillance, i.e., any real-time surveillance is performed voluntarily by
ProtonMail.

ProtonMail once again argues contradictorily and inconsistently. Every user of
ProtonMail must still decide for himself whether the email service is
trustworthy.

[1] [https://steigerlegal.ch/2019/05/23/protonmail-real-time-
surv...](https://steigerlegal.ch/2019/05/23/protonmail-real-time-
surveillance/)

------
kstenerud
It's absolutely necessary in today's outrage fueled world to get your
statement out as quickly as possible. The longer it takes to get a response
out, the more the outraged masses dig in, and the less likely the truth will
stand in peoples minds after the dust settles.

~~~
teh_klev
"A lie is half way round the world before the truth gets its boots on"

------
everdrive
The conversation we had yesterday on this topic was not very productive. One
thing I'd like to see is a clarification about what surveillance actually
means to a user. Does it mean:

\- Providing IP address details?

\- Providing message contents?

\- The police compelling you to provide your password?

\- Anything else I'm missing?

It would be nice to avoid equivocating "surveillance" and stick to a common
definition so we can argue the merits of each potential practice.

~~~
__HYde
They have done several things including:

\- enabled IP logging against a specific user account

\- disabled an account and rendered assistance

\- comply with the data request, to the extent that it is possible, given our
cryptography.

The unknowns are what assistance they render and what extent is possible for
them to comply with data requests. They have complied with requests without
court orders in cases when they believed a court order was inevitable. They
have also delayed reporting incidents at the request of authorities in order
to not endanger victims.

[https://protonmail.com/blog/transparency-
report/](https://protonmail.com/blog/transparency-report/)

------
wDcBKgt66V8WDs
I'm not going to get into the meat of the drama here but I do want to say, and
I hope the protonmail team is reading, the value of protonmail for me isn't
even in protecting me from state actors and whatever they're proud about for
being in Switzerland etc.

The value of their service to me is primarily:

\- they aren't mining my communication for ad revenue or the enabling of any
convenience features which indirectly leads to ad revenue

\- should someone (perhaps not nation state) gain access to their storage,
that attacker can't see the plaintext of my past mail. Perhaps this doesn't
stop them from monitoring incoming/outgoing unencrypted mail, but at least my
life history is secure.

I guess they're trying to get this across with their marketing/branding but it
always felt a little more over the top to me than the more practical feelings
I have about it if that makes sense.

I know some people will say "go with google because their security team is the
best" and maybe that's true but my threat model here is googles business
model, not nation states. Would it bother me if I found out Protonmail was
colluding with nation states etc, yeah, maybe enough to switch providers
should one of similar quality exist. Now to read into this kerfluffle...

edited for formatting

edit post read (quote from Steigers second addendum regarding protonmail
response):

> ProtonMail once again argues contradictorily and inconsistently. Every user
> of ProtonMail must still decide for himself whether the email service is
> trustworthy.

The decision I'm making, and this shouldn't be surprising given my initial
comment above, is that I will continue to be a happy paying user. I agree the
advertising is kind of misleading, but I always had the pessimist view that
the service might give away more than their marketing/branding tries to let
on, whether voluntarily/knowingly or not.

I am a little disappointed that protonmail didn't respond more directly to
some accusations, I guess they might not want to if they're suing for
defamation (according to Steiger?). Am also a little disappointed that both in
their response and in their HN comment they said he "hid" something on the
bottom which was clearly linked. Though I think he could have done a better
job of highlighting the content of that addendum where it was relevant in the
article, I wouldn't call it hiding given the link.

I would be happy to see the marketing/branding take a shift towards my more
practical viewpoint of it and maybe this incident will encourage that. I have
friends/family creeped out by google/yahoo but when they go to the home page
for protonmail they tell me (in different words) that the branding is too tin
foil hat. The value is there for them otherwise but hard to get past that.

Anyway back to work...

~~~
daveslash
_" my threat model here is googles business model, not nation states"_

Same here, for this Proton Mail user. I am, of course, attracted to the idea
of keeping my mail private from nation states, but Google (and most other
providers) is a bigger thing in my (personal) threat model.

~~~
wDcBKgt66V8WDs
Agreed and I'm not the type to be like "well I've got nothing to hide" but the
reality is email is a requirement for modern life and I'm guessing nation
states can intercept my plaintext mail in places besides the servers of my
mail provider so...

------
w8rbt
They have metadata (ips, ports, date, time, bytes, etc.) and can be compelled
to release it. This can be (and is) used to correlate activities and make
accusations, obtain warrants, etc.

Metadata is very powerful and is captured on every network. It's a byproduct
of the requirements of the network and its protocols. How many bytes were
sent? To where from where? How long was the session? etc. They may not know
what the data contained, but they'll know everything else down to the second.

~~~
__HYde
> can be compelled to release it

Yes, but the point that they are contending is whether they _voluntarily_
provide this data.

------
YayamiOmate
Can someone answer simple question regarding privacy value.

What exactly protonmail has/can disclose by law obligation? Only encrypted
message? "Envelope" meta data? Something else?

I think this is important to understand this to assess their service before
calling alarm bells that it's useless or storing criminal correspodence there.
I couldn't grasp it clearly from the message.

~~~
cLeEOGPw
As I understand they can provide real-time ip address information about the
suspect account.

~~~
nabnob
Why was this comment dead? From this article
([https://steigerlegal.ch/2019/05/23/protonmail-real-time-
surv...](https://steigerlegal.ch/2019/05/23/protonmail-real-time-
surveillance/)) it appears to be true:

>In its transparency report, ProtonMail explicitly mentions the possibility of
real-time surveillance („ProtonMail may also be obligated to monitor the IP
addresses which are being used to access the ProtonMail accounts which are
engaged in criminal activities“). ProtonMail even mentions a current case of
real-time surveillance:

>"In April 2019, at the request of the Swiss judiciary in a case of clear
criminal conduct, we enabled IP logging against a specific user account which
is engaged in illegal activities which contravene Swiss law. Pursuant to Swiss
law, the user in question will also be notified and afforded the opportunity
to defend against this in court before the data can be used in criminal
proceedings."

------
Lowkeyloki
The original blog post from Steiger did seem suspect to me when I read it
earlier today when this story broke. What's still unclear is what the motive
would be to make up or exaggerate such a story.

------
gwern
And what about the statement in their own transparency report that
corroborates it, which is a major part of Steiger's case? This response is
pure bluster and indicates Steiger is right.

~~~
__HYde
Which statement in their transparency report corroborates it?

~~~
gwern
See the original discussion and also original blog post, to which Proton is
signally failing to respond.

------
JdeBP
For more context, see
[https://news.ycombinator.com/item?id=20044336](https://news.ycombinator.com/item?id=20044336)
and its parent.

------
patagonia
Your snail mail’s “metadata” is inspected and saved. Your snail mail can be
intercepted. The snail mail system is a public good if ever there was one, and
managing it is done with the whole in mind.

If the s-mail system were used to deliver viruses daily, and in large volumes,
I wonder what the reaction would be? Would we say, “Those individuals have
every right to utilize the s-mail system to deliver deadly viruses as they
like. It is the receiver’s responsibility to not open those packages.” How
many people that disproved of e-mail “surveillance” also disapproved of s-mail
surveillance during post 9-11 anthrax attacks? I wonder.

------
whenchamenia
This is a rather poor refutation of the claims made. I hope they can do better
or I forsee a mass exedous. Who is a good alternative?

