alt Hacker News> Protonmail is widely believed to be compromised and some evidence supporting this has come forth in two separate incidents in the last year.
There has been no evidence of this, stop spreading misinformation. They're clear on what they can and can't hand over and what you can do to reduce the information that they can hand over like billing info. For some inexplicable reason people expect a corporation to disregard legal government warrants and subpoenas. Thinking any company would do this is next level delusion. Even if you self-hosted, you wouldn't be able to escape this because it would just end up with you in jail.
The only protection against that is end to end encryption. And to this day Proton has handed over zero data that falls under their E2EE umbrella.
At best, even if you assumed that they were collecting incoming/outgoing emails before encryption it would be nonsensical to think that this wasn't happening to other providers, it's just the nature of email. Nobody who cares about absolute privacy should be using it as a means of critical communication regardless.
The notion that Proton capitulates and somehow hands over your emails or other encrypted data is false and completely unsubstantiated. Unlike Google on the other hand, who will hand over your entire inbox unencrypted with zero issue to DHS/the FBI merely for writing a letter to an attorney:
https://www.washingtonpost.com/investigations/2026/02/03/hom...
I would put Phrack's reputation up against ProtonMail's 10 times out of 10.
https://redact.dev/blog/proton-mail-journalist-suspensions-c...