I think that they have a reasonable "business" model, but I forsee the additional need to provide clients for various operating systems and, especially, portable phones and tablets.
Quote:
At ProtonMail, our goal is to guard against mass surveillance..
|
Quote:
... Then, there are the rest of us, law abiding private citizens who simply want control over our online data. We can either chose to live in a world where everybody is under surveillance, or a world where everybody (criminals included) have privacy. We feel that the right to privacy is a fundamental human right, and we are willing to fight and work towards protecting that right.
|
This is a very reasonable and important target. Even in the case of "paper mail," we have some expectation of semi-privacy when we put our messages into envelopes. In the case of "e-mail," however, we are being asked to transmit every message in-the-clear,
and to assent to that message being kept in archive by a third-party (whose legal role should only be that of an agent)
and used by that agent for its own analytical (and advertising) purposes without our knowledge or consent.
We routinely transmit sensitive
web site data through encrypted channels (SSL, https), and we use VPN. But these are all temporal communications. We have no privacy for
persistent communications. (Nor do we have any sort of means of authentication, hence "spoof" mail.)
The companies who have made their business out of
eavesdropping will, of course, $$resist$$ $$it$$ $$mightily$$ and will be $$attentively$$ $$listened-to$$ for $$very$$ $$obvious$$ $$reasons,$$ but I still believe that the tide is at last beginning to turn. The information that we need to send using e-mail (SMTP) is simply too sensitive to permit "vast and arbitrary amounts of it" to be accumulated concerning Every Mortal On Earth.
Furthermore – it's not (just) that "any particular message" is or isn't too-sensitive, but that these vast databases that are being accumulated represent an unprecedented (and disastrous) social vulnerability of their own. If you can, essentially without effort, "know everything there is to know about everyone everywhere,"
and(!) if you are a private corporation, operating without legal protections
and spreading your data to every foreign country where "the cheapest labor" can be obtained ... this is a vulnerability on the order of atomic weaponry. (And no, I don't just say that "for dramatic effect.")
The "millions of messages that pass through SMTP every day"
should not be "effortlessly exploitable" by anyone and everyone in the chain between sender and recipient. Envelopes are required.