1. They claim to respect privacy and - to date - have done nothing to suggest that they don’t.

If you ignore all the fast and loose they play with privacy, sure, there is “nothing to suggest” they don’t respect it.

IT’S OPTIONAL (there goes the “aggressive push” bit)

It’s not an aggressive push if you ignore the part where they repeatedly use the foot in the door technique where they first promise they won’t do something, and then later do it anyways.

They claim it is optional but they just shove a pop-up in your face about AI, while misleading you about how it works. This is about 1 step away from how most companies “allow” you to “preserve your privacy” by carefully clicking “no” to a long list of popups suggesting you give them cookies and share your emails etc.

This may be easy to dismiss as “problem between keyboard and chair” but when it predictably leads to many users thinking it’s off but being surprised when they find it turned on without them realizing it it’s not much consolation

NOTHING EXCEPT FOR THE PROMPT IS SENT TO MISTRAL (there goes the “reads all emails” bit)

How do you figure that works? The server somehow corrects your spelling mistakes without reading the email containing the spelling mistake? Again, End-to-end encryption is a core advertised feature of protonmail, and this completely sidesteps it while actively misleading users into thinking it doesn’t

Sure you can look at it as just a bit of politicking (if a poorly thought out one), but it’s really just the tip of the iceberg. Proton hasn’t done anything that clearly crosses an unacceptable line, but they’ve made a lot of other highly questionable decisions in a relatively short timespan

oh, actually now that I looked it up closer, starting about 9 months ago they did a foot in the door manuever (a survey with leading questions followed up by misrepresenting the results) and then aggressively pushed an AI service that, you guessed it, tries to read all the emails you write and receive, totally undermining the end-to-end encryption. (the claim is it works locally, but most users have their data processed on the proton servers unencrypted)
And the way they did it is straight out of the enshittification playbook where they first promise that it’s “business only” and then later try to push it to all users, and claiming it’s off by default while it’s actually on by default

https://pivot-to-ai.com/2024/07/18/proton-mail-goes-ai-security-focused-userbase-goes-what-on-earth/

(this article only covers the early portion of the debacle)

this isn’t even all the problems with proton either, though all the other things are pretty minor by comparison (eg. quitting mastodon “because it’s too expensive to maintain” (?))

The most popular alternative seems to be tutanota, though there should be a lot of alternatives though they may be very niche

(it seems tuta has some technical limitations if you want to do automated emailing, and the UI is a bit clunky, but it’s not a privacy or security problem)

What started it I think is this twitter post praising trump and the republican party: https://xcancel.com/andyyen/status/1864436449942110660

He later doubled down on it (if I recall correctly) and the company has generally been making some highly questionable decisions since

rebugging, if you will

found this update from 1 month ago:

https://euro-stack.com/blog/2025/3/schleswig-holstein-open-source-digital-sovereignty

what the actual amount of progress is seems to be buried under bureaucracy-speak but I got 3 useful sentences out of it so far:

Configuration via group policies

MS Office can remain installed in parallel, until October 2025

Goals for october 2025: LibreOffice should be the sole standard office software on around 70% of the state administration’s IT workstations

so to me it seems they’re currently slowly doing a MS office -> LibreOffice transfer, but they’re still all using windows (as the use of “group policy” implies)