Transparency Report

ProtonMail Warrant Canary

This warrant canary is updated at minimum once every 3 months, or whenever a new legally binding request is received, or about to be received if we have advanced warning.

Last updated December 7, 2016

ProtonMail has received a total of:

User Data Access Requests

  • 50 requests to access user data
  • 4 requests were granted
  • 46 requests were denied
  • 3 legally binding requests

User Data Retention Requests

  • 9 requests to retain user data
  • 7 requests were granted
  • 2 requests were denied
  • 2 legally binding requests


To be counted here as a request for information, the request must come through official channels, foreign or domestic (either a court order, directly from a government entity, or from legal/security departments of corporations). We do not count unofficial requests such as requests made by private individuals. Legally binding requests are ones from the Swiss courts that we are legally obligated to comply with. Under Swiss data protection regulations, we cannot legally comply with foreign requests that are not supported by a Swiss court order.

In addition to requests to hand over data, we can also receive requests to retain user data. These requests typically come from the Swiss Federal police when they are asked to assist in a domestic or international investigation. In these circumstances, we may be asked to permanently retain a copy of user data to prevent the destruction of evidence in an ongoing criminal investigation. However, this data is only retained, and is NOT handed over to any third parties.

Under Swiss law, ProtonMail can only turn over user data if we receive a request from a Swiss court that is approved by the judge. ProtonMail can only hand over encrypted messages as we do not have the ability to decrypt user messages. Further details are available here.

On an almost daily basis, Proton Technologies AG also receives account deletion requests from both official and unofficial channels. These requests are too numerous to list here and are handled on a case-by-case basis by our security team. If presented with overwhelming evidence that the account in question is being used for illegal purposes against our Terms and Conditions, we will shut down the offending account immediately. Legality is defined based on Swiss law, and illegal purposes include activities such as phishing, ransomware, identity theft, etc., but not prostitution, tax evasion, gambling, or other activities protected by Swiss law.

Reports released by the Swiss Post and Telecommunications Surveillance Service for the past several years can be found below. These statistics cover all of Switzerland.

  • In 2014, there were 12 cases of realtime internet wire-tapping and 18 requests for retroactive communication metadata.
  • In 2013, there were 21 cases of realtime internet wire-tapping and 32 requests for retroactive communication metadata.
  • In 2012, there were 20 cases of realtime internet wire-tapping and 26 requests for retroactive communication metadata.


  • In the 4th quarter of 2015, we received a request from the Swiss Federal Police to retain data for an account that was the subject of a criminal investigation. The data preservation request was made by the US Federal Bureau of Investigation via MLAT agreement. After consultation with counsel, Proton Technologies AG decided to comply with the request and preserve the requested account data. No data was handed over as we have yet to receive a binding court order requesting this data.
  • In the 1st quarter of 2016, we received a request for user data from the Ministère public of the République et Canton de Genève, originating from the United Kingdom, which was legally valid under la Convention européenne d’entraide judiciaire en matière pénale (CEEJ Strasbourg 1959, RS 0.351.1) and the Deuxième Protocole additionnel (Strasbourg 2001, RS 0.351.12). The full facts of the criminal incident were provided to us. Given that a criminal action was clearly involved and in breach of our terms and conditions, we declined to mount a court challenge against the request. Proton Technologies AG decided to comply with the data request, to the extent that it is possible, given our cryptography.
  • In the second quarter of 2016, we received a request for user data as part of an ongoing investigation into a bomb threat in the United States. We agreed to retain (but not hand over) data on this case, pending the issuance of a Swiss court order requesting this data.
  • In the second quarter of 2016, we received a request from Swiss authorities on behalf of German authorities requesting information in a case where a minor was at risk. After consultation with counsel, we learned a binding Swiss court order is inevitable in this case. Therefore, we handed over available data in this case without waiting for a court ruling in order to not hinder the investigation. It is ProtonMail’s policy to always assist authorities in cases involving pedophilia or terrorism.
  • In the second quarter of 2016, we received a request from Swiss authorities on behalf of French authorities requesting information on a case involving extortion. Upon our request, Swiss authorities provided to us a copy of the International Letters Rogatory and court order approved by a Paris judge. Upon our request, a Swiss court order was also provided for this data request. Since clear evidence of a crime was provided, and requested paperwork was in order, Proton Technologies AG decided to comply with the data request, to the extent that it is possible, given our cryptography.
  • In the fourth quarter of 2016, we received a request from Swiss authorities from the Canton de Vaud, seeking information in a fraud case. After reviewing the relevant court order, Proton Technologies AG decided to comply with the data request, to the extent that it is possible, given our cryptography.

About the Author


We are scientists, engineers, and developers drawn together by a shared vision of protecting civil liberties online. Ensuring online privacy and security are core values for the ProtonMail team, and we strive daily to protect your rights online.



64 comments on “Transparency Report”

  • “Under Swiss law, ProtonMail also cannot be compelled to have this ability so we cannot turn over unencrypted user communications if we receive a request from the Swiss government.”

    I assume this means that, under Swiss law, ProtonMail cannot be compelled by authorities to modify its (client-sided) decryption scripts to send the password back to law enforcement?

  • “By using open source libraries, we can guarantee that none of the encryption tools we are using have clandestinely built in back doors.”

    Wow! You can GUARANTEE zero backdoors? Like the RSA? Like OpenSSL? Like {insert almost any open source library at one time or another}.


    +1 for using auditable FOSS libraries. -1000 for false claims. FOSS libraries just let you confirm or deny reported problems and let people go look for them. They don’t *guarantee* backdoors don’t exist.

    • 100% certainty is always impossible, but I think everybody out there is fairly confident that OpenSSL does not have a backdoor, you do get a certain measure of safety from having thousands of people poring over the code.

      • SSL has been 100% broken in real time by security agencies since 1997. RSA was intentionally weakened to make it easy to break. You should be very careful relying on “public libraries” of open-source code, it will give users a false sense of security.

        • A distinction has to be made between RSA the company, and RSA the algorithm. The algorithm is just mathematics and is sound, especially in the open source implementations of it.

  • I heard about this new and secure email service by ProtonMail at and I was extremely interested so I visited ProtonMail website and started reading almost everything about the secure email service, but I have one question only to ask, how did you guys raise funding for such an expensive project and how do you plan raising additional funds to keep this service always running? I will be extremely happy if ProtonMail officials answer my question ASAP if possible. Thanks for the great service and good work done! Keep the privacy spirit up!

    • So actually, the project is not that expensive because the biggest cost is our time. And this we are very willing to give for free because this is a cause we truly believe in.

      • True transparency requires financial transparency as well. And, once you have the funds, a properly sourced third party audit of finances and policies. Just posting milestones in that direction would suffice for the moment.

  • One key aspect of security is understanding your business model. If I don’t understand how you make the money required to operate the service, I can’t be sure about your survivability, and your resistance to human hacks. It would be useful to post something about this on your “About Us” and “Security” pages.

    Put another way, where do I send my check once I get an account?

    Thanks for putting together a very useful service.

    • We intend to pay the bills by charging for extra storage once the service goes out of beta, this should be able to cover our operating expenses.

  • Please send me complete information on the Proton Mail Account, Costs, How to sign up, and Operating Instructions. Thanks. WG

  • I understand pgp and gpg. One public key to encrypt and a private one to decrypt. But I don’t understand how you encrypt a mail for a particular user as you don’t have his public key.

    Could you explain like I’m 5? 🙂

    • We do have the public keys, the ProtonMail servers serve as a public key store. But this is not a security issue because public keys, by definition, are public.

      • Is this not still susceptible to a man-in-the-middle attack? If a compromised server provides a false public key for the intended recipient, decrypts the message on the server, then encrypts it again for the recipient with the correct key?

          • I've got another question about the keys!

            The public one is stored at your server… that's ok.
            But what about the private key? Where is this one stored?

            I'd like to have that one stored at my PC and not on a server.

            Kind regards and thanks for your efforts 😉

  • If the person you are sending an encrypted message, that is time expired, is in China and is using an account like will the message be scannable by the “great fire wall”? If they have a proton account will it pass the “great fire wall” without being read?

  • Two questions:

    1) Can I communicate securely with friends using OpenPGP, GPG etc., or would they need a Protonmail account?

    2) Will there be mail folders at some point (or did I overlook the feature)?

  • Hey Team of Protonmail, first I wanna say thanks for what you are doing, it’s amazing what you did.
    But I have one question, do you have any plans to make a standard for other providers to send asymmetrically encrypted mails to ProtonMail and vice versa?

  • hey guys

    Congrats for the success of ProtonMail, I just got the invitation 3 days ago and I registered it, but whenever I send an email to my ProtonMail account I receive this error

    “Hi, User doesn’t exist. Please check the email address again. Thank you! ProtonMail”

    But I already registered my account under this email and it's working perfectly, I can send the email from my ProtonMail account but I can’t receive it.

    Please look into it and respond to me ASAP, I am eagerly waiting to use the services.

    thank you

  • Hi, I read the letter from “Interested User” above who asked where the PRIVATE key is stored. You haven’t put an answer on the website.

    I too would like to know where the private key is stored.


  • Hello there Proton Mail! I’m really taken back n very pleasantly delighted that there is an actual group of individuals out there in this world who’ve been able to create the reality and ability in which truly seems to uphold the same belief system as me in the issues of privacy standards n human moral values along with respect of people… That is awesome and gives me a bit of hopefulness of the human race and life as we know it… Since I cud remember as a lil kid and up to now I never stopped thinking so much about the fast advancements of technology and its invasive and intrusive integration with our everyday lives… I’m very very happy that I’ve come across Proton Mail, it's the first group I’ve ever seen that seems to perfectly suit me! Thank god you guys came about… I’m looking forward and hoping for the opportunity to be able to open an account with Proton Mail and have it as my new email address! Thanks, Natasha

  • I am waiting eagerly to receive my invite. Checking my current mailbox every day. I really hope it won’t take too long.

  • Thank you guys you have given me the invite to use protonmail within 5 days of my request. I like you guys

  • Pay attention: if you protect a mail with a password, Proton sends the mail but the Exchange server of my office blocks it without any message.

    I tried to send from my proton account to my professional account

  • Can you say whether you notified the individuals whose data the government tried to access?
    Can you also say what government institutions tried to get user data, what kind of data they wanted and what was their reaction when you denied their requests?

    • If the foreign government succeeds in getting a Swiss court order, notification of the individual targeted is mandatory. For privacy reasons, we cannot publicly disclose which governments requested data and what data they requested. We think that privacy is a universal right and even governments are entitled to privacy when they make a request.

  • Can you say what government institution tried to get user data, what kind of data they wanted (metadata, actual email messages etc.), what was their reaction when you denied their requests and whether you notified the users whose data they tried to access?

  • On the link “”, I have found on Ghostery, a Chrome extension which you might know, that it had tracked a tracker called Piwik Analytics. I don't think it's safe.

    • Piwik is OK, it is an open source analytics tool which we self host (so no data sent to third parties) and is used to gather browser/language information so we know which browsers/languages we need to support.

    • If you are worried, know that Piwik actually respects the “do not track” setting of your browser. Unlike many other systems.

  • Hey,

    many thanks for being such champions in privacy, much appreciated!

    I got two relating questions:

    a) Up to reading this very page, I thought ProtonMail followed Swiss court orders only and strictly in regards to handing over user data, however I read that “Proton decided to comply with the request” even before a court order was issued. Has Proton's approval policy changed? If so, what rules are used?

    b) Was the original assumption of Switzerland being out of reach from the EU and US wrong, considering MLAT and similar agreements used in the two (so far) approved user data requests?


      • Apart from encrypted emails themselves, what kind of “user data” was handed over? The login password? Access to any other data or technical means that could facilitate obtaining or cracking the private key?

  • I am a Citizen in the United States of America. That being said, the concepts and issues of Privacy versus Government, are always endlessly interesting, to say the least.

    I just started using ProtonMail yesterday. As I read more about ProtonMail, the more thrilled I become with my decision.

    Thank you!

  • please do not destroy any data or information for the following accounts:

    I am the owner of these accounts and they have been compromised by people in industry and the US government in a highly illegal, black operation that is performing a bizarre form of psychological torture.

    I am currently enduring this torture and believe that the information will indicate foul play and the methods used to hack the accounts.


  • When you say

    «To be counted here as a request for information, the request must come through official channels foreign or domestic (either a court order, directly from a government entity, or from legal/security departments of corporations). We do not count unofficial requests such as requests made by private individuals.»

    do you not separate requests from authorities and requests from corporations?

    Thank you.

    • We do not, because we will also respond to corporate requests such as reports of phishing. We will disable accounts involved in criminal activity and sometimes retain data until an official law enforcement request can be made.