The circumstances surrounding Trump’s election victory has failed to die down yet. Initial it was Russian meddling. Then came fake news on Facebook, Twitter, and other social media platform. The latest on the loop involves data analysis firm Cambridge Analytica,/privacy/Facebook with the social media giant bearing most of the fault.
Yet in all this, one incredible ingredient is still missing- ProtonMail. The self-destructing mail service Cambridge Analytica reportedly used to conceal its activities.
What exactly is ProtonMail? And what does self-destruct email mean?
Protonmail works like any other mail account. But, unlike regular mail client, Protonmail provides password encrypted messages within the system and an expiration timer. You can sign up for Protonmail here or download the iOS and Android app to access ProtonMail on your device.
Once you’re done setting up the account, the platform prompts you to select between two encryption layers; 2046- bit encryption and highly graded 4096-bit encryption. You soon realize that ProtonMail offers two sets of accounts – free and paid accounts. The free plan got restrictions allowing you to send only 150 messages per day and a 500 MB of storage space. An upgrade to their Plus accounts will assure you 5 GB of storage, 1,000 messages per day besides an array of other perks. (The service still has ‘Business’ and ‘Visionary’ pricing options.)
Clicking the compose tab will welcome you to a screen like the one presented below.
A quick glimpse at the bottom left edge, you will notice two distinctive features not available in other mail providers. There is a timer icon where you can set the expiry period of the mail. This can be for your preferred number of hours, days, or weeks. After that, the message will self-delete itself after the time duration set has passed. Another thing about this timer is that it counts right when the message is delivered and not when opened by the recipient. With that, no message or its copy remains on the server. Besides, non-enciphered messages you get are saved in encrypted form.
This (timer) feature, however, will not work when sending emails to mail accounts outside ProtonMail and it won’t have your messages deleted.
But don’t get discouraged, there is another alternative to sending encrypted messages to email users outside the ProtonMail network.
Clicking on the lock icon on the left of the timer displays a pop-up window where you can encrypt your message with a password. This ensures that the message is deciphered only with a shared identity. This together with the self-destructing timer will ensure messages are away from intruding eyes and that your message content is not stored on external servers once Protonmail deletes them.
As for Cambridge Analytica, it covered its tracks by advising clients to use ProtonMail services and setting up its emails to self-destruct after two hours.
Now that sounds shady, right? But how did they pull away with it? ProtonMail Servers.
So what about ProtonMail servers?
ProtonMail writes proudly on its website homepage of its servers being in Switzerland. Not only that the company too is incorporated in Switzerland. By all means, we all know the Swiss have strict information privacy laws. Likewise, the company boasts to be running the most secure mail service it is only account holders who have universal permits to their emails, not even the company itself could access its subscriber’s emails even if it wanted. In extension, ProtonMail says it neither collects personal details nor store IP addresses of newly created accounts; so you can set up a purposely anonymous address.
But it is the zero-access encryption that attracts a lot of scrutinies. In ProtonMail’s own expressions, since all their data is out of the realm of far-reaching US agencies, its only encrypted messages that can be produced in event of a charge made against them to Swiss highest court. That means that not even the litigation of EU or US agencies can compel the firm to hand over its subscribers information. However, we think that’s what we call an audacious claim; if we can recall what befell Lavabit in 2015 and Hushmail back in 2007- two secure email company which bragged of a similar claim but were forced by the government to turn encryption keys, then ProtonMail military like security may indeed not be true. Why?
The legal quagmire.
Switzerland, like any country, has treaties with the US and other foreign countries. And these mutual legal treaties requires a country to hand over the information deemed sensitive within their local laws to a foreign state upon request. That ProtonMail may be in the Swiss does not mean that the Swiss laws will be a roadblock or can provide a blockade in case the US government request for data in an individual mail account within the Swiss jurisdiction.
The ProtonMail server location and framework is merely a means to provide the best protection its users may require. The greatest protection may come from the technology itself.
Nonetheless, whether you are not into privacy, ProtonMail with onion sites through the Tor network is inevitably the choice for a press, activists, and individuals concerned about their government intrusive privacy laws.