All ProtonMail data at rest and in transit is encrypted. However, subject lines in ProtonMail are not end-to-end encrypted, which means if served with a valid Swiss court order, we do have the ability to turn over the subjects of your messages. Your message content and attachments are end to end encrypted. See this article for a description of what ProtonMail data is encrypted.
There are two main reasons why Subject lines in ProtonMail messages are not end-to-end encrypted.
1. Not Standards Compliant – ProtonMail adheres to the OpenPGP standard which largely respects the SMTP protocol. In PGP, the subject line is part of the header packet which is not end-to-end encrypted.
Given that PGP does not end to end encrypt subject lines, why does ProtonMail use the OpenPGP standard?
The reason is interoperability. By adhering to OpenPGP, we enable not just end-to-end encrypted messaging with other ProtonMail users, but compatibility with any PGP user worldwide. This means anybody, regardless of what email provider they use, can send end-to-end encrypted messages to ProtonMail users.
The importance of this cannot be overstated. This also allows us to integrate with other services like Facebook. With OpenPGP, ProtonMail isn’t just a standalone encrypted email service, we become part of an entire encrypted ecosystem.
2. Allow for subject line search – By construction, end-to-end encrypted data is not searchable. This is because searching through several gigabytes of emails cannot be properly done on a browser. It must be done on the ProtonMail servers, and with end-to-end encryption, the ProtonMail servers don’t have the ability to read the data. If subject lines were encrypted, it would be impossible to search through emails by subject. This is a huge detriment to everyday email usability.
This situation may change in the future as encryption technology evolves (for example, projects like Mylar being developed at MIT), but at present, searching encrypted data is still far off.
What can I do to protect the subject lines of my email communications?
Even though ProtonMail subject lines are not end-to end encrypted, it is exceptionally difficult for a third party to get access to them. Access would require breaching Swiss data privacy laws and getting a court order that is approved by a Swiss judge.
You can also use generic subject lines that disclose minimal information about the message contents.