Why Switzerland?

End-to-end encryption

A question we often get asked is, Why is ProtonMail based in Switzerland and are there any real advantages?

We believe there are, and in this article we will share why. The first thing that comes to mind is that Switzerland is outside of US and EU jurisdiction. Unless you host your servers on a boat in international waters, you will need to be under some legal jurisdiction, and in the post-Lavabit environment this choice is particularly important. A common misconception is that the EU offers more legal protection than the US, but many of the same surveillance directives that exist in US law also have EU counterparts. In particular, German law may actually offer less legal protection than American law.

Switzerland, however, is NOT part of the EU (a fact they like to remind the EU of every once in a while), and Switzerland applies a very different set of privacy laws. In the US and EU, gag orders can be issued to prevent an individual from knowing they are being investigated or under surveillance. While these types of orders also exist in Switzerland, prosecutors have an obligation to notify the target of surveillance as soon as possible, and the target has an opportunity to appeal in court. There are no such things as National Security Letters, and all surveillance requests MUST go through the courts (this is not the case in Germany). Furthermore, while Switzerland is party to international assistance treaties, such requests for information must hold up under Swiss law, which has much stricter privacy provisions.

Nearly every country in the world has laws governing lawful interception of electronic communications. In Switzerland, these regulations are set out in the Swiss Federal Act on the Surveillance of Postal and Telecommunications Traffic (SPTT), last revised in 2012. In the SPTT, the obligation to provide the technical means for lawful interception is imposed only on Internet access providers, so ProtonMail, as a mere Internet application provider, is completely exempt from the SPTT’s scope of application. This means that under Swiss law, ProtonMail CANNOT be compelled to backdoor our secure email system. Furthermore, any attempt to extend the SPTT will inevitably fail because the Swiss public is strongly opposed to any extension, and an extension could be subject to a public referendum.

This combination of factors means that a Lavabit-like situation cannot occur with ProtonMail. However, ProtonMail has taken the Lavabit concept one step further and does not even possess the keys required to decrypt user data. As a result, even if ProtonMail were forced to turn over all our computer systems, user data would still be safe.

We believe that comprehensive security can only be achieved through a combination of technology and legal protections, and Switzerland provides the optimal combination of both. By coupling Switzerland’s advanced IT infrastructure with its unique legal environment, ProtonMail can deliver a service that is both reliable and secure.

For more information about internet surveillance in Switzerland and requests for information made to ProtonMail, please view our Transparency Report.


51 comments

  1. Switzerland may be the best you can do, but in recent decades Switzerland has bent to the will of the American empire. Take bank secrecy, for example. At one time, bank secrecy was very strong in Switzerland. Now, bank secrecy in Switzerland has eroded alarmingly.
    Aside from the purely legal threats that Protonmail faces, you are also likely to face attacks based on the U.S. worldwide banking hegemony. All sorts of businesses that displease the American Empire are being cut off from banking services.

    1. The bending of Swiss banks to the US has to be taken in context. Giving up the information of American tax-evaders is one thing, but violating personal privacy rights is a line the Swiss government is much less likely to cross. While the banks had information to give up, ProtonMail doesn’t actually have unencrypted user data to share.

    2. There is no real advantage Switzerland has over anyone else. We saw what happened with all these wealthy billionaires hiding money in Swiss Bank accounts. Thanks to Mr. Birkenfeld, the IRS now has their asses and UBS is no longer a secret. Nor is any Swiss bank. Once the US gets involved, being as they have the best engineers, the best scientists, it’s over. Protonmail is great in concept, but it’s no safer than anything else out there currently. The Swiss government is corrupt and bankrupt. Way more than the USA’s is. But the advantage the USA has is they have the best everything on their side.

      1. Also, the voters of Switzerland don’t generally vote the best people into office. Nor do we, but having been there many times, you’d be disgusted at their “democracy”

        1. Swiss direct democracy does have its downsides, in the years we have lived there, we have seen some pretty terrible measures passed via referendum. However, none of them have involved compromising privacy.

        2. @Roy

          You said:
          “The Swiss government is corrupt and bankrupt.”

          corruption:
          Wrong, check out the results of any research study or key figures. We are one of the least corrupt countries. (place 5 or 7 of all the countries, so quite nice)

          bankrupt:
          What complete crap! We stand there as Sweden, one of the few countries which has much less than 40% debt / citizen. (check out the International Monetary Fund, Eurostat, whatsoever).

          As far as I know the USA has around 100%, Italy around 130%, Germany 84%, etc…

          “More swiss government is more corrupt than the US government. ”
          Sorry guy, that’s simply not true.

          – we are not stealing data of the whole world.
          – we are not surveilling our citizens without court order (and trial… )
          – we are not allowed to go to war. (we can only defend ourselves)
          – we are free people because we pay taxes freely (only valid now for Swiss people, not foreigners!!)
          – we have huge problems because of our success. One problem is the huge amount of immigration which destroys our free, green, nice landscape or architecture style (we do not want to build 1000 m high – this is Tokyo or New York style! Also very nice, since I was in N.Y. and liked it, but not the way I want to have it at home!)

          So, have a nice day, Ciao!

          1. good lines, but don’t do the “immigrants are the culprit” crap.
            You are wrong on that, *but* the line with the success holds monetary wise. Since Switzerland is balanced and stable, everybody is buying Franken.

            But this also has a downside, as you can see in the next weeks, if the Franken won’t get weaker.

      2. No idea where you got that weird information from, Switzerland has half as much debt per person as the US and, according to Transparency International, is in 7th place on the Corruption Index 2013. The US is in 19th place.
        Get over this ‘we are the best in the world in everything’ attitude, it’s childish.

      3. I don’t think you know how Protonmail works. Even if they are ordered by the Swiss Government to give up information, they have very limited information to release, besides a username and your login password (not your email password). Good luck to the US retrieving anything else. I think you have been watching too many American spy movies.

    3. Ah not necessarily the US my friend…BANKERS are the ones who control the world NOT Governments! Governments are merely the pawns of the BANKERS! Being an ex-banker from “back in the day”, I’ve seen it in action! Don’t be so quick to condemn the Swiss…They still are our last refuge.

      1. And Iceland is not so bad; they booted out their bankers and politicians with pots and pans! :) I see that Russia is cleaning up some of its mess by booting out the predator IMF.

  2. Please explain all encryption used to protect login password and if that password remains encrypted on your servers or is destroyed…

    1. We only have a salted hash of your login password on our servers. The login password needs to come to the server in some form, there’s no other way to authenticate the account.

      1. Actually, there might be an even safer authentication process to be found, maybe through Zero-knowledge proof of password, or at least any form of strong cryptographic auth challenge to avoid the sending of a password or any other secret over the network (we should not fully rely on SSL), don’t you think? Anyhow, kudos for your work! :-)

    2. Seriously?? why not just say make the whole thing Open Source??? Seriously you ask that kind of question???

  3. As a former Lavabit user I applaud you in your attempt to provide a service that exceeds Lavabit’s level of protection. I look forward to using your product that will help my personal business grow in a safe and secure manner.

  4. I am based in Mumbai (India). I want to know, how do I use your service?

    Since this is a new concept, I would like to know if you are planning to have any distributorship outside of Switzerland?

  5. Is Protonmail purely web based or is it possible to configure MS Outlook or other email client to be able to use it?

  6. I think instead of criticizing the ProtonMail team, people should enjoy the hard work they’re putting in. Not everyone is capable of doing as clean and clever a job as they do. They really put their hearts into it, and I really can’t wait to see my invite pop in my inbox. As a matter of fact, I verify my inbox practically all the time all day long on all my devices no matter where I am. I can’t wait to have my ProtonMail account! I trust you guys to do the right job! Go, guys, go!

    1. Can I get an AMEN! Yes, you are very right! Anyone with any kind of coding background should be in AWE of these guys! SHOUT THEIR PRAISES FROM THE MOUNTAIN TOPS because they are doing something more than merely TALKING about it!

  7. Very happy to have my protonmail account active, there is trust and there is floss, how much of the code will eventually be floss?

  8. No one has mentioned what a great message this sends to Yahoo and Google, perhaps in the future they will think twice about compromising our privacy when their accounts take flight and move to Switzerland. I’m a Swiss/American and I’m familiar with the downside of both countries. I’d trust the Swiss to look out for personal privacy before I’d trust the US.
    Thanks for your contribution to making our lives safer ProtonMail.

  9. This new improved encryption software program is a needed improvement over existing encryption methods. Just to let you know that some computers (HP and maybe others) have had hardware level keystroke loggers built-in for the past several years that are not detectable. With HP back in the Windows XP days, it was done with a plastic DIP IC hardwired between the keyboard and mainboard and had heat-shrink sleeving over it. Now, it may be directly on the main board…a detailed technical analysis would be needed for verification.

    Now, there is a new problem that directly affects microprocessors. The following article title should get your attention.
    Title: “BEWARE – Got an Intel Centrino or newer processor? Such as an i3 this would include the Centrino, Core2, All ‘i series’ processors, all Atom series processors, all Celeron series and Pentium processors released after the Intel Core2 series.”

    About six months ago (November 2013), someone who claimed to work for military intelligence contacted me through one of the unlisted mail boxes. He said that all Wi-Fi, and all broadband modems, in fact all Internet connected devices have two simultaneous log ins afforded by two separate hardware paths built right into all Internet capable hardware, one that the user sees, and one that remains perfectly hidden and cannot be found by any software or anything else, that logs into a different network on the same Internet and simultaneously sends everything you do straight to the NSA. It’s a hardware level hack that operates completely independent of software and remains completely isolated from it. This man also had something else to say:

    He stated that every Intel processor since the Centrino processor, (this would include the Centrino, Core2, All I series processors, all Atom processors and all Celerons and Pentiums released after the Core2 series) have a separate – on die central processor the user never sees that has the specific job of snagging all encryption keys and keeping a permanent back door to the main processor open to the NSA no matter what the user does to protect data.

    Now, obviously absent a military intelligence tip you won’t get information on this topic, but there are ways to get hints at whether or not what this man said was true. For example, The Centrino and subsequent Pentium M series processors were designed entirely in Israel and if you think a Jewish nation has any respect for Goy data, other than what they can glean from it, go ahead and keep buying “Intel”. Centrino technology was subsequently integrated into Core2 and after that all I series Intel processors.

    The full article text is on the website below.
    http://theunhivedmind.com/wordpress3/2014/05/22/beware-got-an-intel-processor-centrino-or-newer/

  10. What if a smartphone manufacturer were to see all your keystrokes anyway? Most smartphone keyboards nowadays come built in with cloud-syncing, personalized suggestions / dictionaries. Not sure I feel safe entering my passwords on a smartphone. What if that were to happen for Desktop browsers too?

    1. With open source browsers that will be detected faster than closed source ones. Same goes with operating systems.

      There are “Msg/month”. Is that going to increase after beta or is it just beta stuff?

      1. The monthly message limit was just increased to 1000/month. We may increase this further, right now it is set to avoid people using ProtonMail to send spam.

  11. Thank you Protonmail team, for your effort in trying to make our life a little more safe and private. Just a word of advice if I may. Each of you, watch your back. There is no limit to what governments are ready to pull as retaliation. Freedom is just an illusion. Slavery is on the rise.

  12. This provides an extra measure of security between essentially warrantless data collection and the end user. By forcing the DoJ to operate through Swiss courts, it ensures that investigations are in fact legitimate and are not simply broad, sweeping investigations of anyone and everyone, which can most certainly include political dissidents, in essence helping to secure democracy against the agitations of the 21st century.

  13. I don’t buy this quoted (fine) difference between internet service provider and internet application provider as having any legal basis.

    The document TR_TS_v3_1_20121109 “Guidelines for Lawful Interception of Telecommunication Traffic” does not deal with such semantic differences and hence all LI rules/laws apply to Protonmail too.

    To be honest, I don’t think the people who originally formulated the law would have been able to understand the difference and couldn’t care less anyway.

  14. A further clarification of Protonmail’s obligation is provided in “Guide to the ‘Registration Form for Providing Telecommunications Services’”

    which states that:
    ———————–
    2 Obligation to register
    The principles of a telecommunications service provider’s obligation to register are regulated in Art. 4 of the Telecommunication Act (TCA):
    Art. 4 Obligation to register
    1 Anyone providing a telecommunications service must report this to the Federal Office of Communications (OFCOM).
    ————————–

    And if you read the definition of TSP you will see that Protonmail fulfills the 3 criteria :

    1) “transmission using telecommunication”
    2) “of information”
    3) “for third parties”

    Furthermore:

    —————-

    I agree that Protonmail does not provide internet access (but this is simply categorising your type of business, it is not a determinant as to whether you are covered by this legislation or not) as defined in Section 3 “Registering telecommunications services”, but this is covered by inclusion in Question 5 “Other Services” (catchall bucket).

    Hence, it seems to me, Protonmail is covered by Lawful Interception in Swiss legislation. Unfortunately.

  15. encrypted mail (end to end) is great. i trust in a swiss based provider more than most others freely available these days. unfortunately most other encrypted, anonymous and free providers are gone these days (or you get very techy and out of the box). proton’s offer sounds pretty good. proton with independently encrypted (pgp for example) mails on top of it (double encrypted!?) should surely do the job for the near future. it is not about what i send to somebody (99% of the time), it is about the fact to cause maximum problems to ANYBODY reading my ‘good morning mom and happy birthday’ mail!!! my mail is my mail! my phone call is my phone call – therefore RedPhone or Signal for calls on cell, pgp on every email + protonmail etc. as long as it is email! encrypt, double-, triple encrypt. trust nobody (but your friends – and even them not always). sounds paranoid? it is! so is your government!

  16. Dear protonmail!

    I would like to ask: will this project be audited in the near future?

    And all of us owe you big thanks for helping us keep our privacy.

    God give you power to keep this project alive!
    :)

    1. Thank you for the support! We regularly do tests and ask for help with auditing our server architecture. We plan to open source ProtonMail at some point in the future!


Copyright © 2015 Proton Technologies AG. All Rights Reserved.