That has been going on for decades, actually. What has changed is that people are looking at it.
The massive shift of communications to digital channels has put mountains of data right there for the grabs, which is extremely attractive for people who want access to all that data.
German here, look how fucking often our politicians tried to push stuff like the Vorratsdatenspeicherung.
The Patriot Act isn't on equal footing as these Chat Control-esque laws we're seeing. The US government spies on people, sure, but they're not mandating encryption backdoors or trying to outlaw VPNs.
From a recent EFF post[0], it appears they've backed off the scanning and encryption demands so that's good, I guess. Hopefully that sticks and they don't propose something similar in the future.
0: https://www.eff.org/deeplinks/2025/12/after-years-controvers...
People read this and think that US government had unhindered access to all data in major providers.
According to Edward Snowden, PRISM allowed the government to compel internet companies to turn over any data that matched specific court-approved search terms. such as email addresses, all under Section 702 of the FISA Amendments Act of 2008.
At least some parts of it were likely unconstitutional as it could target U.S. persons, but it was not free for all as "straight access" indicates. It was straight access after FISA court approval.
NSA runs much more invasive MUSCULAR program in the UK without FISA or other type warrant.
https://en.wikipedia.org/wiki/Dual_EC_DRBG#Weakness:_a_poten...
This came after previous attempts such as https://en.wikipedia.org/wiki/Clipper_chip
So in my opinion, it’s a band-aid to more deep seated problems that more often than not creates new problems. I don’t know enough about how EU intends to do. I guess even eventual mandatory declassification (like a reasonable 5 yrs delay) would deter bad actors/politicians that aren’t well meaning from misusing it.
It's certainly not compatible with privacy.
The US conducts mass surveillance at a planetary scale, as an "Empire". It was implemented secretly by its 3 letter agencies with the help of various actors.
Europe is doing it in the open with laws and regulations and only targets the people in its territories. One simple reason they would have to do this way is they simply have no equivalent in capabilities to the NSA, CIA, etc. or big tech.
There's also lobbying from "security" companies who are pressuring governments to purchase and install their systems, but they require realtime spying of everyone.
With recent AI advancements, an orwellian hell is all but inevitable. If you (by which i mean the powers that be not you specifically) don't build it then some competing faction will and they'll be in control of it. Its the classic prisoner dilemma.
Governments are never perfect. They are always in a precarious position where they can turn quite harsh quite quickly. I can't speak to each EU nations politics but things have been turning towards the right for a while and they are finally in positions where they can make these demands and get them passed.
It’s a win-win for the politicians and the pensioners that vote them, that believe any nonsense about children safety.
Something I realized recently is how low the approval ratings of European leaders are:
- Macron and Starmer are about 18%
- Mertz is 25% (only 6 months in)
- Von Leyen is 23%
This is ridiculous.
We often perceive Trump as highly unpopular but he is cruising between 40 and 50%, that's double.
So those leaders, according to the numbers, are becoming illegitimate or the system is broken. So we are just waiting for a spark to put the house on fire.
Mass surveillance within your territory is really a weapon against your own population, it is not to catch spies (they are trained to evade them).
I didn't know the approval ratings were this low.
Because they look at what happened US, at the rise of popularity of fascism throughout the world (which is mostly perpetuated by key media players under the mask of being "anti-woke"), and basically decide that the people can no longer be trusted.
And they are fully correct.
Ive said this before on here, but the whole idea of privacy from surveillance is not applicable anymore in todays world.
The standard line of arguing is that people should be able to speak the truth free from government knowing about it and trying to silence them. The problem with this
* Most of the "truth" that these people refer to has been literally false propaganda, or ability to say slurs on social media.
* Despite that fact, not a single public media person speaking these lies has been silenced in any way by the government, despite things like patriot act existing in US or equivalent things in EU. The only time people have been silenced in places like UK is when posting extremely out of pocket stuff.
Furthermore people also say that you don't want to give the government the power to do this now because a government that you may not like will want to do this. Well, to no one surprise, the people with this libertarian mindset (and the so called "centrists") overwhelmingly vote right wing, and consequently, right wing runs on a platform of freedom, but when those people get in power, they not only actively tries to silence actual truth and free speech, but also they just don't give a fuck about the law and do what they want anyways.
So as unfortunate as it is, its a much better outcome for the current state of administration in EU to take a more invasive role in policing the populace, because economic growth and stability over long term is worth way more than some idealistic approach based on above. Historically this has shown to be true over and over again, while the latter has shown to result in economic decline. So its wortwhile to sacrifice some personal rights in return for a better future - we already do this to a large extent so this is nothing new.
In terms of applicability to the regular person, please understand that the privacy ship for you has already long sailed. You already can be tracked and analyzed in extreme detail, by really any person or company that is willing to buy advertising data and do correlation. There are companies that literally do this and contract out to the government. Also, you aren't that important enough to care about.
I want very secure email that’s US located because some of the contents are US regulated, I’m not worried about the US hacking me and I doubt if they really wanted my information I could do anytyhing to keep it from them.
I’m sure there are people that would love Switzerland.
To each their own.
They started to copy the infrastructure, and the data is currently in Switzerland, Germany, and Norway. They can technically shut down the systems in Switzerland on short time. He (Andy Yen, CEO) always hoped they'd never need to take such steps, but the environment in Switzerland is too insecure for them at the moment. So they had no other choice but to plan their way out.
(Also, HN is an English-language site, so articles here should be in English - https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que... - even though we have deep respect for the German language and other languages)
I seem to recall that one of their original selling points was that they were based in Switzerland which does not have data sharing agreements with the US under the Patriot act, unlike the EU.
Cynical view - they prefer to IPO in another market than Swiss, the real reason for the move.
You can publicly list in exchanges despite not being domiciled in the exchange's host country.
For example, Chinese and EU domiciled companies IPOing on the London Stock Exchange (LSE) due to a mix of easier access to liquidity and simplified rules and regulations.
It's nice to see that they're giving the finger to the Swiss government but ultimately it doesn't matter as many jurisdictions are mandating the same things.
Except the metadata I guess.
if you are scared of spooks using metadata, that can be managed with some warwalking around cafes/campus, a wifi extender, a burner phone tether, and action in discretion.
at that point WTF your doing had better be a noble cause, not a malediction.
I've always seen Proton benefits as a moot point because it's not E2E to the other side. You can encrypt all you want but as soon as you actually communicate with anyone (this is the email after all) you are now give all your messages to a third party often times without any encryption at all.
https://apnews.com/article/germany-women-misogyny-raids-inte...
https://www.yahoo.com/news/german-police-launch-nationwide-o...
It seems reasonable to be concerned about a government that wants the power to reveal Internet users, but I couldn’t say on what basis Proton expects legal protection to continue after the move.
For things like troll posts or just general hate speech, most of the time the police visit your house and ask you questions and give you a stern warning. And remember, police in EU isn't like police in US - when you get visited by police in EU, you aren't afraid that you are going to get shot up or thrown on the ground and tazed if you did nothing wrong. In extreme cases where you are calling for things like beheading, yea they def arrest for that.
Source: close friend that lives in Germanty works for a company that does business with German government. I don't know first hand but he is pretty aware of the policics in EU and I have no reason to believe he would be exaggerating.
On anther note, Germany policing is quite progressive actually. For example, if you run, you don't get a charge for evading/eluding - its actually legal to run from police because "desire for freedom is a human right".
They should be policing their social media heavily.
Swiss government look to undercut privacy tech stoking fear of mass surveillance - https://news.ycombinator.com/item?id=45223231 - Sept 2025 (3 comments)
Proton begins moving hardware out of Switzerland due to proposed legislation - https://news.ycombinator.com/item?id=44915796 - Aug 2025 (5 comments)
Proton Partially Exits Switzerland - https://news.ycombinator.com/item?id=44669496 - July 2025 (2 comments)
Lumo: Privacy-first AI assistant - https://news.ycombinator.com/item?id=44657556 - July 2025 (123 comments)
Proton threatens to quit Switzerland over new surveillance law - https://news.ycombinator.com/item?id=44014808 - May 2025 (228 comments)
Tell HN: Swiss surveillance monitoring nearly everything – impact on Proton etc? - https://news.ycombinator.com/item?id=38937352 - Jan 2024 (8 comments)
"(proton fraud detectors) are looking for certain patterns in use. And they collect clues on the dark web. For example, if you find Proton mail addresses in criminal Internet forums, the accounts behind them will be blocked."[1]
I've never participated on a "dark web" or .onion forum but I could imagine doing so for a variety of reasons ... are there not very interesting discussions occurring there ?
I would be classified as a criminal for being part of that discussion ?
Should I be retroactively classified as such for my discussions on cypherpunks in the nineties ?
[1] https://www.nzz.ch/technologie/proton-ceo-andy-yen-wer-geset...
Anyway most people would be better served when disavowing any notion that email is secure or that VPN services operated by companies (as opposed to ones you control) are good for anything other than bypassing region locks.
TheCleric•1h ago
https://www-nzz-ch.translate.goog/technologie/proton-ceo-and...