this post was submitted on 12 May 2025

68 points (95.9% liked)

Privacy

37753 readers

797 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Mullvad or Proton VPN? (lemm.ee)

submitted 19 hours ago by MrCatCookies@lemm.ee to c/privacy@lemmy.ml

54 comments fedilink hide all child comments

Well, just that. Wich is stronger against trackers, hackers and doxxing threats? Proton VPN (I'm using this one actually), or Mullvad VPN?

you are viewing a single comment's thread
view the rest of the comments

[–] Vaie@lemm.ee 12 points 19 hours ago (2 children)

Mullvad hasn’t yet shown themselves fed- friendly.

Proton has.

Mullvad is the answer.

[–] utopiah@lemmy.ml 16 points 14 hours ago* (last edited 14 hours ago) (1 children)

Source please, we in the /privacy community genuinely want to learn so when such things do happen, we all benefit from factual information. Please do not assume we all know what you are referring to. It is particularly in this kind of cases when, for example with Signal what was "shared" with authorities is basically irrelevant, cf https://signal.org/bigbrother/ so we must be precise.

[–] Vaie@lemm.ee 4 points 8 hours ago (3 children)

Proton has cooperated with subpoenas on multiple occasions leading to the user’s arrest.

While they may challenge them, the point is that they have cooperated and thus are not reliable. There are no reported cases of Mullvad doing the same.

There are ample links from multiple sources that describe this with a simple search.

[–] throwawayacc0430@sh.itjust.works 7 points 7 hours ago

That's because no one running a service will go to jail for you. None.

Not ProtonVPN, not Mullvad, not IVPN, not Lemmy Instances.

Imagine you run one of these, and you received a lawful order in your jurisdiction.

Turn over data or go to jail for a long time.

Would you go to jail to protect user privacy?

The only thing Proton does better is because they are under Swiss Jurisdiction, which has stricter control over when a court order can be issued. But if a court order goes to Proton, they can't ignore it.

Also: Protonmail =/= ProtonVPN, they are under different laws. In Switzerland, Mail providers have to provide IP addresses upon a subpoena, VPN providers do not. If those users had used ProtonVPN to access their Protonmail, they'd be safe.

[–] EngineerGaming@feddit.nl 7 points 8 hours ago (1 children)

To be fair, if your safety depends on whether a particular company cooperates with authorities, you'd better rethink your OPSEC.

[–] silentjohn@lemmy.ml 1 points 1 hour ago

Proton has cooperated with subpoenas on multiple occasions leading to the user’s arrest.

My thinking is, if the CIA (or whatever country's equivalent) is on to you, it's pretty much jover.

[–] utopiah@lemmy.ml 2 points 7 hours ago* (last edited 7 hours ago) (1 children)

Please do provide a link, especially if it's very easy to find. I'm not saying anything you say is wrong, only that if it's not an opinion, then a link from a trusted source helps other to understand the situation.

[–] GnuLinuxDude@lemmy.ml 4 points 6 hours ago* (last edited 6 hours ago) (1 children)

It's a somewhat convoluted story. Here are some links

The takeaway is when he logged into his Protonmail they logged his IP address which helped track this individual down. But note that Reddit thread I linked. I also cannot find that much information about "what happened next," or the details of who was arrested and why.

There may be other examples, but this particular case kinda hit the rounds back when it happened.

[–] throwawayacc0430@sh.itjust.works 5 points 5 hours ago

Excerpts from your third link https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/

As usual, the devil is in the details—ProtonMail's original policy simply said that the service does not keep IP logs "by default." However, as a Swiss company, ProtonMail was obliged to comply with a Swiss court's demand that it begin logging IP address and browser fingerprint information for a particular ProtonMail account.

According to multiple statements ProtonMail issued on Monday, it was unable to appeal the Swiss demand for IP logging on that account. The service could not appeal both because a Swiss law had actually been broken and because "legal tools for serious crimes" were used—tools that ProtonMail believes were not appropriate to the case at hand, but which it was legally require to comply with.

ProtonMail also operates a VPN service called ProtonVPN, and it points out that Swiss law prohibits the country's courts from compelling a VPN service to log IP addresses. In theory, if Youth for Climate had used ProtonVPN to access ProtonMail, the Swiss court could not have compelled the service to expose its "real" IP address.

Proton did not voluntarily log IPs, they were under a lawful court order and were out of appeal options.

Like I said, no one running a service will go to jail for you. None.

Not ProtonVPN, not Mullvad, not IVPN, not Lemmy Instances.

If a legal court order is received, they will conply after they run out of appeals

Imagine you run one of these services, and you received a lawful order in your jurisdiction.

You can choose to turn over data or go to jail for a long time.

Would you go to jail to protect user privacy?

That's why its not only a company's privacy practices you need to worry about, but also the jurisdiction. Choose a service that's is in a privacy friendly jurisdiction.

Also, this is about Protonmail, which is under different laws than ProtonVPN.

[–] dubyakay@lemmy.ca 11 points 16 hours ago (1 children)

When did Proton show themselves fed-friendly? Also what "fed" are we talking about? The Swiss Federation?

[–] PunkiBas@lemm.ee 5 points 11 hours ago (1 children)

I guess he's referring to this

[–] BevelGear@beehaw.org 4 points 9 hours ago

Proton's statement from the linked article

"We are aware of the Spanish terrorism case involving alleged threats to the King of Spain, but as a general rule, we do not comment on specific cases. Proton has minimal user information, as illustrated by the fact that in this case, data obtained from Apple was used to identify the terrorism suspect. Proton provides privacy by default and not anonymity by default because anonymity requires certain user actions to ensure proper OPSEC, such as not adding your Apple account as an optional recovery method."