I use Proton. Proton Mail, Proton VPN, the whole stack. I chose it for the same reason most practitioners do. The architecture is real, the encryption works, and the Swiss jurisdiction felt like a meaningful layer of protection over the alternative. I’m not writing this piece because Proton is dishonest. I’m writing it because Proton is probably the most credible privacy infrastructure company in the world, and even here, the accountability gap is structural, visible, and widening.

That’s worth understanding before you trust it with something that matters.

The Promise

Proton launched in 2014 out of CERN. The founding premise was straightforward: end-to-end encrypted email, no access to message content, Swiss jurisdiction, and a no-logs posture that meant even a valid legal order couldn’t produce what wasn’t there.

For years that premise held in the public imagination. The brand became synonymous with privacy infrastructure. Journalists used it. Dissidents used it. Activists coordinating on the ground in politically hostile environments used it. The promise wasn’t just marketing. It was the reason the product existed.

The architecture backing that promise is genuinely strong. Proton cannot read the emails it stores: message bodies are encrypted with keys Proton does not hold, and no legal order changes that. The caveat practitioners know is the boundary of that guarantee. It covers stored mail and mail exchanged end-to-end between encrypting parties; a message that arrives in plaintext from an outside sender is encrypted when it lands, not before. Within its boundary, the guarantee is a technical reality, not marketing copy.

But encryption is not the whole promise. And the architecture is not the whole institution.

Three Cases

In September 2021, French police were investigating climate activists occupying buildings near Place Sainte-Marthe in Paris. They routed a request through Europol to Swiss authorities, who issued a legally binding order to Proton. Proton keeps no IP logs by default, but Swiss law can compel it to start logging a specific account under a criminal investigation, and that is what happened: the account holder's IP address and device fingerprint were captured and handed over. The encryption held. The email contents were never accessible. But the activist was identified and arrested.

Proton’s website at the time said: “By default, we do not keep any IP logs which can be linked to your anonymous email account.” Within days of the story breaking, that language was quietly removed. The privacy policy was updated to clarify that Swiss law could compel IP logging under criminal investigation. The response was a communications update, not a structural one.

In May 2024, Proton handed over a recovery email address to Spanish authorities investigating a Catalan independence activist connected to the Democratic Tsunami movement. The request came through Swiss legal channels as part of a terrorism investigation. Again, the encryption held. Again, the metadata was sufficient. The activist was identified.

In early 2025, court documents revealed a third case. The FBI, working through Swiss authorities via a Mutual Legal Assistance Treaty, obtained subscriber information from a Proton Mail account connected to the Stop Cop City movement in Atlanta. That information was a bank card identifier, a single piece of financial metadata, sufficient to match the account to a real name. The FBI used the identification to plan an airport detention. No charges were filed. A Georgia judge later threw out all related RICO charges against 61 defendants.

Three cases. Three different countries. Three different legal routes into the same institution. Each time, the encryption held. Each time, the metadata didn’t.

The Numbers Behind the Pattern

Proton publishes a transparency report. That matters and deserves credit. But the numbers inside it tell a story Proton hasn’t told directly.

In 2021, the year the French activist case became public, Proton contested 21.2% of legal orders it received. The scrutiny was high, the reputational stakes were visible, and the institution pushed back on roughly one in five requests.

By 2024, the contest rate had fallen to 5.9%. Order volume had nearly doubled. From 2017 through 2025, Proton received 45,667 legal orders and complied with 40,389 of them, roughly 88 percent.

The institution got quieter about resistance as it got bigger. That is not an accusation of bad faith. It is a structural observation. As Proton scaled to 100 million users across Mail, VPN, Drive, Pass, Calendar, and Wallet, the surface area of metadata it holds expanded significantly. More products. More payment data. More recovery addresses. More device fingerprints. More points of legal exposure. The compliance architecture stayed the same.

One data point makes the structural argument more precisely than any other. Proton VPN, the same company, denied 100% of legal orders every single year from 2020 through 2025. Not because Proton VPN is more committed to privacy than Proton Mail, but because the architecture makes compliance impossible: Proton VPN keeps no logs, so there is nothing to hand over. The architecture closed the gap before the legal order arrived. One caveat belongs here. Proton has said that Swiss law treats email and VPN services differently and cannot compel a VPN provider to log, so the no-logs design is one the law leaves open to the VPN product in a way it does not for the email product.

Proton Mail’s architecture did not make that same choice.

What the Gap Actually Is

This is not a story about Proton breaking its promise. The encryption promise was kept every time. The emails were never readable. The architecture performed exactly as designed.

The gap is between two different things that the brand collapsed into one: the architectural promise and the institutional promise.

The architectural promise is technical. It is verifiable. It has been independently confirmed. Proton cannot read your emails. That is true.

The institutional promise is organizational. It lives in compliance decision frameworks, in legal resistance thresholds, in what metadata is retained and under what conditions, in how payment processing is tied to account identity, and in how the decision to contest or comply is made when an order arrives. None of that is in the encryption. All of it is invisible to the user until a court order makes it visible.

The people most reliant on Proton's promise (journalists, dissidents, activists operating in politically hostile environments) are the least positioned to discover where the institutional promise ends and the architectural promise begins. They chose Proton because they believed the brand. The brand implied a unity that the institution never formally established.

That is the accountability gap.

What Accountable by Design Looks Like

The Vordan Accountability Framework measures accountability posture across six components: Origin, Voice, Traceability, Timing, Response, and Transparency. A score of 100 means the gap is closed. Here is what Proton looks like at 100.

Origin. Every compliance decision has a documented decision owner and a published legal resistance threshold. The framework for determining when to contest an order, and when not to, exists in writing before the order arrives, not assembled case by case under legal pressure.

Voice. Users with high-risk threat models have a functional path to understand what Proton can and cannot protect them against before they rely on the service. That path is not buried in a threat model page three clicks from the homepage. It is part of onboarding for any account that fits the activist, journalist, or dissident profile.

Traceability. A published legal resistance log. Not aggregate statistics. A documented record of the threshold applied to each category of request, the reasoning behind contest and compliance decisions, and what changed structurally after each public case.

Timing. The institutional promise is defined before a legal order forces its definition. The 2021 privacy policy update happened after the activist was arrested. At 100, that clarification exists on day one of the product, not day one of the crisis.

Response. When a gap is identified, the correction is structural. The response to each of the three cases described above was a communications update. At 100, the response to the 2021 case produces a published resistance framework, a redesigned metadata retention policy, and a documented decision on what payment data is retained and why. Not a revised homepage.

Transparency. The brand promise matches the actual capability. “We do not keep IP logs” is replaced, before any court order, with a plain-language threat model that tells a journalist or activist exactly what Proton can protect them against, what it cannot, and under what conditions each applies. The architecture and the institution are described separately, honestly, and visibly.

At 100, the user who needs Proton most understands its limits before their life depends on not knowing them.

The Doctrine

Proton did not fail because its encryption broke. It failed, three times, in three countries, across a decade of growth, because the accountability architecture was never built to match the promise the brand was making.

The encryption was Accountable by Design. The institution was not.

That distinction is not unique to Proton. It is the defining accountability gap of privacy infrastructure at scale. The architecture gets the investment, the audit, the public verification. The institutional layer (the compliance decisions, the metadata retention choices, the legal resistance posture) operates largely in the dark until a court order or a news story turns the light on.

Proton VPN proves the alternative is possible. Zero compliance, not because of ideology, but because the architecture made compliance impossible. That was a design decision. It was made before the legal order arrived.

That is what Accountable by Design means. Not a better response when the gap becomes visible. Architecture that closes the gap before anyone has to find it.

Vordan covers the accountability gap between advancing technical capability and the institutions meant to govern it. The Accountability Report publishes every Sunday. The Gap Alert publishes when the intelligence warrants it.

If this piece was useful, forward it to someone who needs to understand the difference between an architectural promise and an institutional one.
