December 21, 2022 How Secure Is Protonmail?
The concept behind Protonmail is excellent, email that was not being read by the server provider with actual encrypted email box that only the owner could access (unlike free mail providers such as Gmail and Yahoo..). It is like a private postal mailbox. We have used the service several years now and have concluded Protonmail is more of a concept than an actual privacy practice. It is both about the technical side as well as the operational practices of the company. Here are six things that we have discovered.
- Any mail send between Protonmail users is in concept, secure or encrypted. However, outside mail sent to a Protonmail account is going through a router in plain text. Mail sent from your company address to Protonmail is NOT secure. That is the majority of most mail.
- The interface is clunky compared to Zoho mail, ZImbra, and even Outlook. You can see this in how hard it is to delete multiple items at once.
- Protonmail, like any other provider, has given user information to the authorities when petitioned by law enforcement. (Please see the links below).
- Protonmail is expensive for the service they provide ($4USD/month for limited features and 15GB of space) which is touted as private.
- You cannot easily receive meeting requests like you can with Outlook, Zimbra, or even Zoho Mail (Even Google Workspaces is compatible).
- Protonmail does not have native Android or iOS mail integration of most mail services. Therefore you don’t get built in calendaring, contacts, task lists, and so forth on your smartphone. This makes the offering essentially a stand alone email account requiring a special app.
Even for the honest person, the concept of having your communications with other stay private is appealing. This is especially true in nations where targeting the opposing side or anyone who doesn’t agree with you may be rampant. However, after multiple people on our team using Protonmail, we have concluded it is better to look elsewhere based on the costs, the features, and the false sense of security. The idea that your data in Switzerland is somehow safer is a false hope. The service provider you use is under the jurisdiction of the nation in which they operate. Unfortunately, your data is really not secure on Protonmail. You can see an example of that here in the media. In addition, here is another example of Protonmail being compelled by local Swiss laws to track their users. It’s unfortunate, but understandable. People just have to recognize that this isn’t the privacy service it started out to be. Although, it’s definitely not time to start closing your accounts and going to some big tech company’s service.
We recommend you carefully consider who you use for email. Avoid free email as you are giving up personal information (Gmail, Yahoo, GMX, Outlook..) at all costs. You will have to review the options, but for us we have decided to give up on trusting outsiders.
The CIRCLE Cloud team has ramped up our Bizmail service (which we launched in 2007) and will begin offering encryption in the near future. We have just made 2FA (Two Factor Authentication) available for those who want to secure their accounts now.
Like Protonmail, CIRCLE Bizmail also has to comply with local law enforcement in Japan, however we do want to give honest people the tools to get private data private and keep it that way. If you are looking for usable private email, try CIRCLE Bizmail. You’ve got calendaring, fast servers, and truly team collaboration focused services that are better than Zoho Mail, Google Workplace, and even Microsoft Outlook (and the Office 365 offering).
Bizmail is built on Zimbra Collaboration servers with 50M+ users around the world. You can use native iOS and Android calendaring, email, task management, shared everything (email, tasks and much more. Check out Bizmail here. There are Zimbra-based services providers in nearly every country of the world. We just only recommend what we know. Let us know if you have any questions here.