ProtonMailImage Credit: Paul Sawers / VentureBeat
**This article was updated on March 16, 2020, to reflect additional input from Proton, which told VentureBeat that it would only use Google’s infrastructure in very limited situations — and that it won’t be directing actual connections through Google as this article originally stated. However, due to the nature of this new tool and the adversaries that it is looking to counter, the company is unable to disclose exactly how the technology works.
Proton Technologies, the company behind encrypted email provider ProtonMail, has announced plans to circumvent censorship by using “alternative routing” techniques which will rely on third-party infrastructure and networks, which may include the likes of Amazon, Cloudflare, and Google — a company that ProtonMail has long been critical of over its privacy practices.
Proton, which was founded out of Switzerland in 2013 by academic researchers working on particle physics projects at CERN, promises ProtonMail users full privacy via client-side encryption, meaning that nobody can intercept and read their emails — it has frequently positioned itself as the antithesis of Gmail, which serves as a vital cog in Google’s advertising wheel. ProtonMail, on the other hand, has emerged as a prominent privacy-focused alternative, used by companies and individuals — including White House staffers and activists — wishing to sidestep snoopers. Thus, ProtonMail has faced its fair share of censorship, with the likes of Turkey, Belarus, and Russia all blocking the service in recent times. This is something that Proton is now pushing harder to counter with its new backup solution.
ProtonMail + Google
The new tool, which will be deployed over the next few weeks in the ProtonMail desktop and mobile apps, is designed to sidestep any blocks imposed by network administrators, internet service providers (ISPs), or governments. However, given that blocking a service often involves blocking the company behind its infrastructure, Proton said that it’s having to turn to alternative infrastructure providers to ensure that its users are always able to connect — even if that means relying on technology from its archenemy Google.
“Because blocking Proton usually involves targeting Proton infrastructure, alternative routing requires us to use third-party infrastructure and networks we do not control, some of which might belong to companies such as Amazon, Cloudflare, Google, etc., which do not have a good track record of privacy,” the company wrote in a blog post.
While this doesn’t mean that ProtonMail users’ actual data will be at risk, it could mean that some information — such as IP address and knowledge of their attempt to connect to ProtonMail — will become visible via those third parties. It’s worth noting here that Proton is also developing other non-email products, including an encrypted calendar and cloud storage service, which will also leverage this new routing service.
The rerouting technology will activate automatically if Proton detects that a user’s attempt to access its service is being blocked, though this can be deactivated in account settings. Some may argue that such a feature should be opt-in rather than opt-out, given that many of the people who are likely to impacted by a block will be keen to maintain complete privacy. However, it’s clear that this option is very much being treated as an emergency solution for those who absolutely need to access their email, calendar, or cloud account, and not everyone would necessarily be aware enough of this feature to proactively switch it on.
“Like most solutions to difficult problems, our anti-censorship system is not without drawbacks,” the company wrote. “While we have largely been able to overcome censorship and attacks, it’s imperative that we remain one step ahead of those who would seek to spy on people and restrict the freedom of information. Alternative routing is an additional capability which helps us ensure users can access our services.”
It’s worth noting that most people will likely never need to use Proton’s alternative routing functionality, but those living under censorious regimes may well find it useful.
Either way, it’s interesting to see that Proton — which has previously said that Google’s “entire purpose is to spy on you and sell your private information to organizations” — may now have to rely on some of its infrastructure to ensure 24/7 access to all its users globally.