We created ProtonMail in 2014 because we were concerned about mass surveillance. At the time, governments were spying on our emails, text messages, and phone calls. Now there’s a new surveillance threat, but this time the information at risk isn’t our communications — it’s our bodies.
Today, we’re joining other privacy advocates and businesses to support a moratorium on the government use of face surveillance in Massachusetts. This moratorium will give representatives time to prepare new laws that protect people’s civil rights and privacy.
As we have often said, we believe all technologies are neutral. It’s only good or bad depending on how you use it. Facial recognition technology can be put to positive purposes, like authenticating your mobile device or identifying photos of you posted on social media without your consent. But when used for face recognition surveillance, this technology can lead to discrimination and undermine freedom of expression.
As a company, we often speak out about laws related to online privacy and data security. From data protection in California to surveillance in Kazakhstan, we have supported policies we believe will contribute to building a better Internet. We’ve lined up behind the Massachusetts face surveillance legislation for a number of reasons.
First, we’re concerned about the privacy and freedoms of our American users who don’t consent to biometric surveillance but have been subject to government monitoring. Several Proton team members were residents of Massachusetts, and it’s frightening to think we could have been monitored and recorded whenever we went out in public. Just as the digital world should be a place where people can meet and share ideas without fear, our public spaces should be safe for people to gather, express themselves, or go about their business.
Second, this kind of mass surveillance can have a devastating impact on people’s faith in digital technology and government. Our mission is to build an Internet where people feel safe, and their personal information is private. The monitoring and cataloging of citizens’ biometric data can undermine people’s confidence that governments and technology companies have their best interests at heart.
Third, Massachusetts, a historical vanguard for civil rights reform, is well-positioned to define a model for facial recognition regulations that other states and countries can follow. Already, the city of Somerville, outside of Boston, has imposed its own biometric surveillance moratorium. This follows a similar ban in San Francisco. We believe this is the right time to speak out and begin building a framework that can regulate facial recognition technology.
Here in Europe, the GDPR already protects citizens from unwanted face surveillance. It’s time for the United States to follow the European Union’s lead.
Below, you can read our full letter to the Massachusetts legislature from our founder and CEO, Dr. Andy Yen. You can also read a policy briefing by the American Civil Liberties Union on face surveillance and the need for new regulations.
The ProtonMail Team
General Court of the Commonwealth of Massachusetts
Att: Members of the Joint Committee on the Judiciary
24 Beacon St.
Boston, MA 02133
Dear Committee Members:
On behalf of Proton Technologies, I am writing in support of the Face Surveillance Moratorium sponsored by Senator Creem (S.1385) and Representative Rogers (H.1538). As engineers and entrepreneurs, we believe in the power of technology to improve the world. But we have also seen how quickly new technologies can outpace policy, leading to social problems that are harder to fix later. To avoid the worst outcomes, makers and consumers of facial recognition software need socially responsible guidelines that respect people’s privacy and dignity while mitigating the potential for misuse. This Moratorium is a logical first step.
You are by now aware of the problems that can arise from unregulated facial, voice, and gait surveillance. Unintended consequences may include discrimination against women and people of color, invasion of privacy on a massive scale, and the suppression of free speech and assembly. Therefore, I will not focus on the dangers of no regulation but rather the advantages of proactive legislation.
Consumers want data privacy and security
We know this from experience. In 2014, we created ProtonMail as a small project in the cafeteria of the European Organization for Nuclear Research (CERN), and we released the first closed beta to a few of our colleagues. Our service is a privacy-focused alternative to Gmail, which ensures only the sender and recipient can read the messages. Less than five years later, we are now the largest encrypted email service in the world, with over 15 million users and a profitable business model based on community support, not ads. Our growth tells us that privacy and security are in demand. So do numerous polls, including the Massachusetts ACLU’s recent face surveillance poll. Here in Europe, data privacy and security are already the law of the land, spurred by longstanding pro-privacy sentiments. Massachusetts now has the opportunity to establish a global precedent on facial recognition that other jurisdictions might follow.
Businesses want facial recognition tech to be regulated
Multi-billion-dollar fines from U.S. and E.U. regulators against Google and Facebook — and the global-scale privacy and security breaches that led to them — illustrate the high cost of poor oversight. Today, even Microsoft, which stands to profit greatly from facial recognition, is calling for clear laws on facial recognition technology. “Unless we act, we risk waking up five years from now to find that facial recognition services have spread in ways that exacerbate societal issues,” wrote the company’s president, Brad Smith. At Proton, we benefit from the strong and well-defined privacy laws of our home country, Switzerland. These laws help us protect our users and, in turn, give our users confidence in the services we provide. They know the data they store on our servers is safe. Strong laws lead to consumer confidence.
The digital future depends on the rule of law
We live just as much online as we do offline. We develop personal and professional relationships there, and our digital transactions drive the global economy. We have even entrusted our democracy and the administration of public services to digital technology. Therefore, faith in this technology is paramount. If people believe digital technology is being used against them, they will turn against it. We have already seen activists endeavor to subvert face surveillance. Just as laws create cooperation, commerce, and democracy in the physical world, we need laws that foster a sense of security and trust in the digital world.
All technologies are fundamentally neutral. We do not oppose facial recognition technology, just as we do not oppose email. But we do not believe your email service should spy on you, and we do not believe facial recognition technology should be used in ways that violate civil liberties. We believe this common-sense Moratorium will help build a solid foundation for facial recognition technology to emerge as a positive force in the world.
Personally speaking, as a Harvard alumnus, I would be much more comfortable returning to campus as a face in the crowd, not as a walking ID badge.
Thank you for your consideration. We would be happy to provide you further information upon request.
Dr. Andy Yen
Founder and CEO
Proton Technologies AG
You can get a free secure email account from ProtonMail here.
We also provide a free VPN service to protect your privacy.