Concerned about SESTA-FOSTA? Learn how ProtonMail protects your privacy


On Thursday, US President Donald Trump signed into law a controversial bill known as SESTA-FOSTA (short for Stop Enabling Sex Traffickers Act and Allow States and Victims to Fight Online Sex Trafficking Act). In essence, the law will punish online platforms that knowingly facilitate sex trafficking. On its face, this is a noble mission — criminals involved in sexual exploitation often use websites to advertise their illicit services — and well-known organizations and celebrities have come out in support of SESTA-FOSTA.

But we believe SESTA-FOSTA is a form of censorship that will usher in far-reaching negative consequences, including increased censorship of all sexual content and possibly imperiling the safety of the sex workers the law is trying to save.


SESTA-FOSTA introduces criminal liability for owners and managers of web companies “knowingly assisting, supporting, or facilitating” sex trafficking. The law allows for large criminal penalties, including a fine and up to 25 years in prison, for those convicted.

Practically speaking, SESTA-FOSTA makes Internet platforms responsible for the content that others post. As a result, those platforms will probably do one of three things: conduct increased surveillance of user-generated content, stop monitoring content entirely to avoid knowingly facilitating crimes, or remove their user forums entirely.

What SESTA-FOSTA means for the Internet and for sex workers?

In its opposition to the law, the American Civil Liberties Union expressed concern that SESTA-FOSTA would have a chilling effect on speech. “Risks to the vibrancy of the Internet as a driver of political, artistic, and commercial communication [are] real and significant,” they said. The Electronic Frontier Foundation and the Center for Democracy and Technology echoed that fear.

We are already starting to see these consequences. For instance, even before the law was approved, Craigslist removed its personal ads section. “We can’t take such risk,” the company said. Other companies may follow suit or begin policing all manner of content, including information transmitted via “private” email messages or stored on cloud drives.

Sex workers themselves have vigorously opposed the legislation, saying this censorship will jeopardize their safety. They use email, messaging apps, and social media to connect with and screen clients. Because of SESTA-FOSTA, they may be forced back into the hands of traffickers and away from more open communities where they are safe.

“If you are a sex worker who’s been the victim of violence, it is scary enough to speak up about it already,” adult performer Lorelei Lee told Motherboard. “Make no mistake, if these bills pass, sex workers will die.”

Because of our strong focus on privacy and security, ProtonMail has long been a secure place for sex workers and performers who often have sensitive business communications. In many situations, having access to encrypted and private communications is not just a business necessity, but also a matter of personal security.

Does SESTA-FOSTA affect ProtonMail?

As a Swiss company, we are not governed by US laws. A Swiss court must approve any government request for data (Swiss or non-Swiss), and the account in question must have been used in connection with activities that are illegal in Switzerland. Activities not illegal in Switzerland (gambling, sex work, etc.) would therefore not subject accounts to foreign data requests.

And even in the event of a data request, we cannot hand over the contents of user messages because we are unable to decrypt them. Our encryption ensures that all emails sent between ProtonMail users are automatically end-to-end encrypted, meaning that only the sender and recipient can read the communications, and the messages are not viewable to anybody who may intercept the messages. All emails in your inbox (including those from non-ProtonMail users) are also protected with zero-access encryption, meaning only someone with your password has the ability to read the contents of your messages or open your attachments.

ProtonMail is safest when both parties are using ProtonMail, as emails sent from ProtonMail to a Gmail account would be readable by Google and, by extension, US authorities. There are ways to also encrypt messages sent to non-ProtonMail users, but they are less user friendly than if both parties were just using ProtonMail. Therefore, if you are using ProtonMail for sensitive communications, we recommend getting your contacts to also use ProtonMail. However, even if none of your contacts use ProtonMail, using ProtonMail is still safer than using unencrypted email.

ProtonMail’s encryption means that even if your messages are leaked, the content of your messages remains encrypted. This is important for all kinds of businesses and professions — journalists, lawyers, hospitals — not just sex workers.

.com vs .ch domain names

Some people have asked us about the differences between using and for your address and whether SESTA-FOSTA impacts that. This question comes up because the .com registry is handled by Verisign, which is a US company, so potentially the US government could overreach and seize control of

While it is not possible to guarantee this will not happen, we consider this risk to be fairly remote because seizing the domain name of a Swiss company that is conducting business lawfully would trigger an international incident. For those who are concerned, we also provide email addresses under the (registered in Switzerland) and (Montenegro) domain names. Users who have a paid ProtonMail account can opt for one of these email addresses in addition to the default address.

Use a VPN

Because of SESTA-FOSTA, some websites have decided to avoid any potential liability by simply blocking all US visitors. One example is the popular site TER, which replaced its homepage with a legal notice for anyone accessing the site from an IP address in the US. It is possible to bypass these blocks by using a VPN. A VPN encrypts your Internet connection and masks your IP address, which also protects your privacy as you browse the web. We developed ProtonVPN to counter online censorship, and this free service has already helped people in Turkey overcome a similar block against the ProtonMail website. If you’re concerned about your security, privacy, and freedom of access to information in the wake of SESTA-FOSTA, we recommend also using ProtonVPN.


We believe that SESTA-FOSTA will be harmful for online freedom and privacy, and may end up exposing sex workers to more risks instead of protecting them. Unfortunately this legislation has how become the law in the United States. Using ProtonMail and ProtonVPN are two ways you can stay safe online. While we do not have an official position on sex work as a profession, we do not discriminate against anyone. Sex workers have a right to safety and privacy, just like everyone else, and we are committed to protecting those rights for all.

Best Regards,
The ProtonMail Team

Sign up and get a  free encrypted email accounts from ProtonMail.

We also provide a free VPN service to protect your privacy.

ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate.

You can also support ProtonMail by helping us spread the word
about privacy and security online: Facebook || Twitter || Google+ 

Thank you for your support!

About the Author

Ben Wolford

Ben Wolford is a writer at Proton. A journalist for many years, Ben joined Proton to help lead the fight for data privacy.


Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

One comment on “Concerned about SESTA-FOSTA? Learn how ProtonMail protects your privacy

  • why is it always costless for people to design these plans against internet privacy?

    anyone who attacks internet privacy should have their own records hacked or leaked. who in washington d.c. is designing these plans to chisel away at internet privacy??