In the past two months, many of you have reached out to us to ask about the mysterious tweets we sent to Google in August. At ProtonMail, transparency is a core value, and we try to be as transparent with our community as possible. As many people have continued to point out to us, we need to be more transparent here to avoid continued confusion and speculation. Thus, we are telling the full story today to clarify what happened.
The short summary is that for nearly a year, Google was hiding ProtonMail from search results for queries such as ‘secure email’ and ‘encrypted email’. This was highly suspicious because ProtonMail has long been the.
When ProtonMail launched in Beta back in May 2014, our community rapidly grew as people from around the world came together and supported us in our mission to protect privacy in the digital age. Our record breaking crowdfunding campaign raised over half a million dollars from contributors and provided us with the resources to make ProtonMail competitive against even the biggest players in the email space.
By the summer of 2015, ProtonMail passed half a million users and was the world’s most well known secure email service. ProtonMail was also ranking well in Google search at this time, on the first or second page of most queries including “encrypted email” and “secure email”. However, by the end of October 2015, the situation had changed dramatically, and ProtonMail was mysteriously no longer showing up for searches of our two main keywords.
Between the beginning of the summer and the fall of 2015, ProtonMail did undergo a lot of changes. We released ProtonMail 2.0, we went fully open source, we launched mobile apps in beta, and we updated our website, changing our TLD from .ch to the more widely known .com. We also doubled in size, growing to nearly 1 million users by the fall. All of these changes should have helped ProtonMail’s search rankings as we became more and more relevant to more people.
In November 2015, we became aware of the problem and consulted a number of well known SEO experts. None of them could explain the issue, especially since ProtonMail has never used any blackhat SEO tactics, nor did we observe any used against us. Mysteriously, the issue was entirely limited to Google, as this anomaly was not seen on any other search engine. Below are the search rankings for ProtonMail for ‘secure email’ and ‘encrypted email’ taken at the beginning of August 2016 across all major search engines. We rank on either page 1 or 2 everywhere except Google where we are not ranked at all.
All throughout Spring 2016, we worked in earnest to get in touch with Google. We created two tickets on their web spam report form explaining the situation. We even contacted Google’s President EMEA Strategic Relationships, but received no response nor improvement. Around this time, we also heard about the anti-trust action brought forward by the European Commission against Google, accusing Google of abusing its search monopoly to lower the search rankings of Google competitors. This was worrying news, because as an email service that puts user privacy first, we are the leading alternative to Gmail for those looking for better data privacy.
In August, with no other options, we turned to Twitter to press our case. This time though, we finally got a response, thanks in large part to the hundreds of ProtonMail users who drew attention to the issue and made it impossible to ignore. After a few days, Google informed us that they had “fixed something” without providing further details. The results could be immediately seen.
In the above plots, the x-axis is time and the y-axis is search ranking (lower number is better). The dates where there are no data points are times when we are not ranked at all by Google. After Google made some changes, ProtonMail’s rankings immediately recovered and are now ranked #1 and #3 for ‘secure email’ and ‘encrypted email’ respectively. Without any additional explanation from Google, we may never know why ProtonMail become unranked. In any case, we do appreciate Google finally taking action to resolve the issue, we just wished it happened sooner.
The Danger of Search Risk
This incident however highlights a previously unrecognized danger that we are now calling Search Risk. The danger is that any service such as ProtonMail can easily be suppressed by either search companies, or the governments that control those search companies. This can happen even across national borders. For example, even though Google is an American company, it controls over 90% of European search traffic. In this case, Google directly caused ProtonMail’s growth rate worldwide to be reduced by over 25% for over 10 months.
This meant that ProtonMail’s income from users was also cut by 25%, putting financial pressure on our operations. We went from being able to cover all our monthly expenses to having to draw from our emergency reserve fund. The lost income and financial damage incurred as a result was several hundred thousand Swiss Francs (1 CHF = 1.01 USD), which will never be reimbursed.
The only reason we survived to tell this story is because the majority of ProtonMail’s growth comes from word of mouth, and our community is too loud to be ignored. Many other companies won’t be so fortunate. This episode illustrates that Search Risk is serious, which is why we now agree with the European Commission that given Google’s dominant position in search, more transparency and oversight is critical.
Defending Against Search Risk
This incident illustrates that for ProtonMail to be successful, it is important that we can continue to grow independently of search engines so that it is impossible for any search company to intentionally or unintentionally cripple us. This is easier said than done, but there are easy actions that we can all do to safeguard the future of ProtonMail:
- Tell your friends and family about ProtonMail. The other benefit of this is that you will also get automatic end-to-end encryption when you email them.
- Writing articles or blog posts about ProtonMail and help spread the word about online privacy.
- Upgrading to a paid account or donating so we can rebuild our depleted emergency reserve fund faster.
- Helping ProtonMail reach more people through social media. You can Tweet or share ProtonMail on Facebook with the share buttons below.
The more we get the word out about the importance of online privacy, the more we make it impossible to suppress, ban, or otherwise pressure encrypted email services such as ProtonMail. We believe online privacy is critical for an open, democratic, and free future, and regardless of the obstacles ahead of us, we will continue building the tools necessary to protect this future. Thank you for supporting us and making this possible.
The ProtonMail Team
For questions and comment, you can reach us at firstname.lastname@example.org.
You can get a free secure email account from ProtonMail here.
Image Credit: Special thanks to Glasgow graphics designer James Belkevitz for providing the top image.