I’m aware that this is a very silly sounding question, but I’m very confused about what’s going on here.
If the subject of this investigation had been using ProtonVPN to connect to ProtonMail, would this have (in a marginal way) protected their anonymity? If ProtonMail can be compelled to begin logging, surely the same must be said of ProtonVPN right?
It’s interesting how many “privacy focused” companies tout being based in Switzerland as some big badge of honor, which a layman consumer such as myself is supposed to be really impressed by due to the overall reputation of “Swiss privacy laws.”
In practice, I’ve never been to Switzerland. I don’t know any person that has had any legal issues there, let alone someone that’s litigated a digital privacy case there. I do not speak German or French, and don’t know where to start when it comes to looking up specific cases or court proceedings, so I’d be extremely slow on the uptake of the actual ins and outs of how the Swiss privacy model works from a practical standpoint.
The “based in Switzerland” thing strikes me as a bit of a black box bit of marketing speak. How much time, energy and money did ProtonMail expend fighting this surreptitious logging mandate? Does “Swiss privacy” actualy mean anything if ProtonMail is happy to hand over your IP address when spooked?
I used to work for a now defunct Swiss company that had “Swiss quality, security and privacy” plastered all over the website and marketing materials. The number of actual Swiss people on the team could be counted on one hand, the rest of developers being from every European country out there, with the most represented ones being Ukraine and Romania. And from talking with my coworkers, the situation is the same across other Swiss IT companies.
I would not pay any attention to the “Swiss X” marketing.
Almost every company in Switzerland that produces software has a bunch of eastern Europeans on the payroll, that either immigrated to the country or work remotely. But if the company started in Switzerland, or management and especially senior devs are based in Switzerland, I feel like that's good enough to apply the "Swiss quality" marketing because the Swiss _do_ have high standards and expected high quality of work produced.
So, you are complaining that they had immigrants working for them? They are part of the EU free movement region, so that is hardly surprising. Immigrants on the payroll don't change whether or not a company is Swiss.
Were they inside the country? Were also they subject to Swiss laws? Aren't these the things that would make a company Swiss? Even if the company was started by a person that isn't Swiss, I'm pretty sure it is still a Swiss company if it is initially located in Switzerland and governed by Swiss laws.
I am not complaining about the company hiring immigrants and allowing remote work across the Europe. I just haven't seen anything inherently Swiss in it, anything different from any other European company I worked for, that would justify the "Swiss quality" marketing.
Then why would you bring up the nationalities of the folks working there instead of pointing out things about the quality that you find lacking as compared to the advertising?
There wasn't any of that there. The only detail in the complaint was about the non-Swiss folks working there. And I really, really don't understand how it just isn't low-key racism. Could you explain it better for me?
The comment (and what people expect of a "Swiss product") was about the local/nationak law environment which certainly always holds true (for better or worse). "Created by Swiss people" as a feature would be a rather meaningless in the modern world.
"Crypto AG was a Swiss company specialising in communications and information security. It was secretly jointly owned by the American Central Intelligence Agency (CIA) and West German Federal Intelligence Service (BND) from 1970 until about 1993, with CIA continuing as sole owner until about 2018."
> The “based in Switzerland” thing strikes me as a bit of a black box bit of marketing speak. How much time, energy and money did ProtonMail expend fighting this surreptitious logging mandate? Does “Swiss privacy” actualy mean anything if ProtonMail is happy to hand over your IP address when spooked?
it does not; witness the swiss banking system's capitulation to the US, crypto AG, etc
Swiss banking was doing business in the US on US soil, they didn’t capitulate, they greedily extended beyond swiss borders and got caught helping foreign people evade their taxes with employees outside swiss borders.
As far as I know, Swiss laws regarding online privacy aren’t all that great. They’re even more regressive than other countries. Swiss quality doesn’t mean much in software, if anything most Swiss companies are very much behind in terms of best practices or modernity of software. Whenever I see “Swiss software quality”, I run the other way now that I know how the sauce is made.
Even the government sucks at online security, see the debacle of the city of Rolle and the cyberattack they suffered last month. If this is not pure ignorance and incompetence, I don’t know what is.
Not even mentioning several “made in Switzerland” software company whose only claim to Swissness is that they have an office with two people in Switzerland and all the rest are European or Indian contractors (not that these people are worse, just that it’s a marketing thing to tout Swiss software if you’re going to outsource 90% of your development offshore)
Most of the time, claiming Swiss anything is a marketing move and an excuse to justify charging much much more for something.
I don't have any opinion about "made in Switzerland" for software (other than that it does make a good impression for my customers), but anecdotally (at least when shopping within Switzerland) I have noticed that the "made in Switzerland" stuff at the store is better quality. And sure it's more expensive, but all the crap products are expensive too.
Shhh, the entire country runs on similar myths, most prominently banking. But then, all that the common man is capable of understanding is myths, sooo ...
I'm Swiss and I volunteer for an organisation called Digital Society Switzerland. Although much smaller (and less powerful) we are similar to what the EFF is doing but on a national level.
I can only confirm your doubts about the "Swiss privacy laws". The current laws in Switzerland are very week (at least compared to the GDPR) and it has powerful surveillance laws in place (6 months data retention for telecommunication data, mass surveillance of internet traffic entering and leaving the country). If at all, being based in Switzerland as a privacy friendly company is rather a risk than giving you a "badge of honor".
I can only speculate where this myth and reputation of "Swiss privacy laws" is coming from. I guess it is related to the bank secret we had in place for a long time: It allowed you to own a bank account anonymously. While many states (especially the US) protested strongly (and for good reasons), it gave Switzerland an aura of discretion.
Completely unrelated, the only company I know of that deserves the "it's Swiss so it must be top notch" is Victorinox, their pocket knives and multitools are second to none quality wise.
> It’s interesting how many “privacy focused” companies tout being based in Switzerland as some big badge of honor, which a layman consumer such as myself is supposed to be really impressed by due to the overall reputation of “Swiss privacy laws.”
I believe it comes about due to the old trope of Swiss banks being the most secure places to hide money, which of course is not true and hasn't been for a long time. Even in that period, I am sure they complied with Interpol/Europol requests to divulge account details of evil masterminds with a beeellion dollars hidden away in a Swiss vault.
If the subject of this investigation had been using ProtonVPN to connect to ProtonMail, would this have (in a marginal way) protected their anonymity? If ProtonMail can be compelled to begin logging, surely the same must be said of ProtonVPN right?
It’s interesting how many “privacy focused” companies tout being based in Switzerland as some big badge of honor, which a layman consumer such as myself is supposed to be really impressed by due to the overall reputation of “Swiss privacy laws.”
In practice, I’ve never been to Switzerland. I don’t know any person that has had any legal issues there, let alone someone that’s litigated a digital privacy case there. I do not speak German or French, and don’t know where to start when it comes to looking up specific cases or court proceedings, so I’d be extremely slow on the uptake of the actual ins and outs of how the Swiss privacy model works from a practical standpoint.
The “based in Switzerland” thing strikes me as a bit of a black box bit of marketing speak. How much time, energy and money did ProtonMail expend fighting this surreptitious logging mandate? Does “Swiss privacy” actualy mean anything if ProtonMail is happy to hand over your IP address when spooked?