this post was submitted on 02 Oct 2024
49 points (100.0% liked)

Proton

5340 readers
10 users here now

Empowering you to choose a better internet where privacy is the default. Protect yourself online with Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.

Proton Mail is the world's largest secure email provider. Swiss, end-to-end encrypted, private, and free.

Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.

Proton Calendar is the world's first end-to-end encrypted calendar that allows you to keep your life private.

Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It's open source, publicly audited, and Swiss-based.

Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.

SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.

founded 1 year ago
MODERATORS
 

The new "Omnibus" law in italy tries to block piracy by basically creating a situation in which you will face jail time if you get caught watching an illegal streaming (or your IP does) and ISP and IP providers (they name VPN and DNS services) will face jail time too if they don't notify the authorities of "illegal activity" done by their users.

E.g. if I watch a soccer streaming from a pirate site, apparently, my VPN provider (in this case, Proton) will have to notify the authorities that I am watching that pirated content.

This is madness in so many ways, starting by the fact that the law implies that both my ISP and my VPN provider must spy my traffic to see if I am watching any illegal content.

I wanted to know if Proton has anything to say about all of this for their Italian customers. How are you guys going to face this? Will you simply stop providing the service? Will you ignore the law because you are not an italian company? Or will you spy our traffic to see if we are watching a soccer game?

I'm quite worried right now about the implications of this law to my privacy. Not because I pirate content but because the punishement for those who don't notify the authorities means that to avoid legal problems, services like Proton will have to actually read our traffic.

top 8 comments
sorted by: hot top controversial new old
[–] [email protected] 20 points 1 month ago* (last edited 1 month ago) (1 children)

My reading of the article is that providers are "made aware" by the rights holders, not by general monitoring of communications on their network.

It’s true that Article 15(1) of Directive 2000/31 prohibits the imposition of an obligation on an ISP to carry out general monitoring of information that it transmits on its own network.

Sounds to me that, in practice, rights holders will notify providers of suspected infringement, triggering their requirement to report to authorities, and it goes from there.

I'm not sure how this would work for a VPN provider. It seems that rights holders could only notify them of suspected piracy websites, as client traffic would be invisible to them. I also wonder how Italy can enforce their laws on the providers outside their jurisdiction, beyond compelling IP blocking to all non-compliant VPN servers in the world.

I have only performed a cursory, sleepy reading of the article, and I didn't follow the links to the relevant legislation. Happy to be corrected.

[–] [email protected] 6 points 1 month ago (1 children)

Sounds to me that, in practice, rights holders will notify providers of suspected infringement, triggering their requirement to report to authorities, and it goes from there.

Yes. You are right. But if hypothethically my ip gets somehow reported, it could trigger this "awareness". Can proton know what I'm browsing?

[–] [email protected] 15 points 1 month ago (1 children)

Can proton know what I'm browsing?

Absolutely. Your VPN provider is in a position to know what you're browsing. It's up to us to determine if their track record and public statements align with our values. Ideally, the VPN doesn't log this info.

In the case of the ideal VPN, the rights holders would likely not even have access sufficient to determine if the VPN is connecting to "illegal" sites. That would require the ISP to provide this information to rights holders. In this case, it would seem the onus would be on Proton to take the report and look at their logs -- which don't exist -- and then report the clients (found in their nonexistent logs) connecting to that service to Italian authorities.

My understanding is that this changes nothing for VPN users. The real question is how Italy can enforce it. It seems they would need additional legislation to block access to non-compliant providers, likely at the ISP level. Slippery slope.

[–] [email protected] 5 points 1 month ago

Thanks for the reply. Makes everything easier to understand. I guess we're going to see a boom in vpn subs in the next months thanks to soccer mafia.

[–] merde 18 points 1 month ago* (last edited 1 month ago) (2 children)

from https://protonvpn.com/features/swiss-based

We are headquartered in Switzerland, which has some of the world's strongest privacy laws. Switzerland is also outside of EU and US jurisdiction and is not a member of the 14 eyes surveillance network.

When you connect to Proton VPN, you enjoy the same legal protections that ensure the privacy of all Swiss citizens. Proton VPN is built by the same group of scientists who met at CERN and founded Proton Mail, the largest encrypted email provider. We are based in Switzerland, allowing us to pass the benefits of Swiss data protection on to you.

Under Swiss data protection regulations, we are not required to comply with requests that are not supported by a Swiss court order.

they don't have to respect laws made by Mussolinette & co.

[–] [email protected] 8 points 1 month ago

Mussolinette is a great name lol

[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago) (1 children)
[–] merde 1 points 2 weeks ago* (last edited 2 weeks ago)

this has been discussed many times on this community

iirc, that person didn't use a vpn to hide their ip in addition to using an apple service with their real name from that same ip.

if you're just degoogling, why not but if you're an activist you should be more careful.

  • from the article you linked

While Swiss law can compel email providers to log user data, the same rules do not apply to VPNs, which ProtonMail's parent company Proton Technologies also offers.