2022 Review: ProtonMail
Disclaimer/Disclosure of Interest: The New Oil has a ProtonMail affiliate link. If you sign up for a paid plan using this link, we get a small financial payment. As always, a non-affiliate link will also be shared.
What is Zero-Knowledge/End-to-End Encrypted Email & Why Do You Need It?
Encrypted email is a bit of a misnomer. Most email is already encrypted in transit, using TLS between mail servers, but that only protects each hop; every server along the way, including your own provider, still handles the message in plaintext. In this context I'm specifically referring to “end-to-end” encrypted (sometimes marketed as “zero knowledge”) email providers. This means that the provider can’t read your stored inbox, which is – in my opinion – a must-have for any person who values their privacy and security. Many people argue that zero-knowledge email providers are overhyped, or worse, because you’re only securing half of the chain. If I’m emailing someone at a Gmail address, the contents are still exposed on Google’s servers. However, in my opinion, that still cuts your attack surface in half. If we’re both using Gmail, or if one of us is using another provider like Yahoo, the message sits in plaintext on two providers’ servers, which is twice the opportunity for a data breach, a warrant, or an insider threat. Sure, you may not get the full benefit without both parties using encryption, but it still counts for something. See my past post about how privacy is a spectrum for more on that logic. With that said, let's look at one of the most popular encrypted email providers out there: ProtonMail.
Proton has a lot to like. The company is based in Switzerland, a country known for having fairly strong user data privacy laws. Signup starts off strong by offering an Onion site (we’ll get to the downsides of this later), which allows you to access the site via the Tor network, and by offering anonymous payment options like cash and Bitcoin (which is only pseudonymous by default and takes some extra work to use privately). So far, so good.
On the technical side, Proton’s apps have been audited by independent firms more than once, with the reports published. They are also built on PGP, which in my opinion is great because it allows non-Proton users to initiate encrypted communications with you: anyone with a PGP client and your public key can encrypt to you, whereas otherwise you would have to email them first with a password-protected message. To be clear, PGP itself is not without drawbacks, but again, privacy is a spectrum, and it's better than not using it at all.
Finally, Proton is an ecosystem. With your account you get access to their VPN service, encrypted calendar, and encrypted cloud storage. Of course, this is optional. Some users may not want to put all their eggs in one basket, and others may simply find another solution superior for their needs. However, I know I personally have met resistance in the past when trying to get people to care about privacy, with responses like “Google just makes it so easy, they have email, calendar, Drive, etc.” Now we’ve got something that can compete with Google: an all-in-one solution that those who want such an ecosystem-type experience may find is just what they needed.
Proton is not without flaws, and unfortunately in this case they are few but significant. For example, Proton’s Onion link sign-up is broken. Originally it simply redirected you to the “clearnet” version of the site. They fixed this, except now you may be asked to provide additional verification when you try to sign up. They say that this data is not linked to you, but personally this still makes me uncomfortable for people who are actually trying to be anonymous. Most people probably don’t need anonymity, but some do. I hope to see Proton find a better solution for this sooner rather than later.
Speaking of sooner and later, Proton’s app experience is incredibly inconsistent. For example, there’s a Calendar app for Android but not iOS. For the VPN, my iOS and Windows apps updated within a few days of Proton’s branding update, but the Android app took several weeks to follow suit. Proton Drive doesn’t even have an app, requiring the web browser exclusively for use. This can be maddening, especially for customers of a company attempting to create an all-in-one ecosystem. How can I be part of your ecosystem when it’s only accessible under specific conditions? What good does a Drive do me that’s only accessible via the browser? What if I want to use Calendar but I’m an iOS user? This all stems from Proton’s philosophy of “if a feature is ready to roll out, why wait?”, which makes sense, but it creates a hodgepodge of inconsistent experiences for users.
Email is not secure. I think that’s always worth pointing out. Email was never designed to be 100% secure. You never know who might print it or forward it, and there are also technical problems with both email itself and PGP that cannot be patched away: PGP encrypts the message body and attachments but not the headers, so the subject line, sender, recipient and timestamps travel and sit in the clear; PGP has no forward secrecy, so a private key compromised today decrypts every message ever sent to it; and nothing in the protocol stops a recipient from doing whatever they like with the decrypted text. Society would have to adopt an entirely new protocol to fix them. You should never trust your life to email (which is one reason why Snowden didn’t just email his documents to people). Yet email is still a widely-used tool that permeates almost every service we use in some way, shape, or form. For that reason alone, it’s worth trying to get a secure email provider to mitigate the risks as much as possible. ProtonMail is a solid choice of email provider with multiple layers of data protection (both legal and technical), PGP-based encryption for interoperability, a free tier that should work for most users, and some great bonuses like green energy, the above-mentioned VPN/Calendar/Drive, and a number of other features that set them apart from even established, mainstream competition like Gmail. I strongly encourage you to check them out, maybe sign up for a free tier, and see how you like it.
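To make the metadata caveat concrete, and to show why “end-to-end” still leaves a provider with something to read, here is an added example that is not from the original post and not Proton’s code. It parses a PGP/MIME (RFC 3156) message with Python’s standard email module and reports what a mail server sees without any key: the whole header block, including Subject, From, To and Received, is cleartext even though the body is encrypted. The sample message, its addresses and its armored block are constructed for this example; the armored text is a placeholder in the shape of PGP output, not a real ciphertext.

```python
"""Inspect a PGP/MIME (RFC 3156) message and report what stays in cleartext.

Added example for this review, not code from Proton or from the post. The
message below is constructed: headers are invented and the armored block is
placeholder text in the shape of PGP output, not a real ciphertext.
"""
from email import message_from_string
from email.message import Message

# Constructed sample. Continuation lines are indented, as RFC 5322 folding requires.
SAMPLE_PGP_MIME = """\
Received: from mail.example.org (mail.example.org [192.0.2.10])
  by mx.example.net with ESMTPS id abc123
  for <bob@example.net>; Mon, 03 Jan 2022 10:15:00 +0000
From: Alice <alice@example.org>
To: Bob <bob@example.net>
Subject: Q4 budget numbers
Date: Mon, 03 Jan 2022 10:14:30 +0000
Message-ID: <20220103101430.1234@example.org>
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
  boundary="=-boundary-example"

--=-boundary-example
Content-Type: application/pgp-encrypted

Version: 1

--=-boundary-example
Content-Type: application/octet-stream; name="encrypted.asc"

-----BEGIN PGP MESSAGE-----

cGxhY2Vob2xkZXIgY2lwaGVydGV4dCwgbm90IHJlYWwgUEdQIG91dHB1dA==
=abcd
-----END PGP MESSAGE-----

--=-boundary-example--
"""

# Everything above the first blank line is a header, and PGP never encrypts headers.
# These are the ones an observer or the provider learns the most from.
METADATA_HEADERS = ("From", "To", "Cc", "Subject", "Date", "Message-ID", "Received")


def is_pgp_mime_encrypted(msg: Message) -> bool:
    """True when the message uses the RFC 3156 multipart/encrypted container."""
    return (msg.get_content_type() == "multipart/encrypted"
            and msg.get_param("protocol") == "application/pgp-encrypted")


def body_is_armored(msg: Message) -> bool:
    """True when some leaf part carries an ASCII-armored PGP message."""
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True)
        if payload and b"-----BEGIN PGP MESSAGE-----" in payload:
            return True
    return False


def exposed_metadata(raw: str) -> dict:
    """Return what a mail server sees of a message without holding any key."""
    msg = message_from_string(raw)
    exposed = {name: msg.get_all(name) for name in METADATA_HEADERS if msg.get_all(name)}
    return {
        "encrypted": is_pgp_mime_encrypted(msg),
        "body_armored": body_is_armored(msg),
        "exposed": exposed,                      # cleartext metadata, by header name
        "all_header_names": msg.keys(),          # every header is cleartext, not just these
        "parts": [p.get_content_type() for p in msg.walk() if not p.is_multipart()],
    }


if __name__ == "__main__":
    report = exposed_metadata(SAMPLE_PGP_MIME)
    print("PGP/MIME encrypted:", report["encrypted"], "| armored body:", report["body_armored"])
    for name, values in report["exposed"].items():
        print(f"cleartext {name}: {values[0].splitlines()[0]}")
```

Running it prints that the body is an armored PGP blob, and then lists the Subject, the sender, the recipient and the Received trail in the clear: this is exactly what Proton, or any relay in the path, still sees of a PGP-encrypted message, and it is why the end-to-end protection covers contents rather than metadata.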