Russia has decided to block ProtonMail and ProtonVPN services. The reason, the dissemination of false bomb threats and other types of information through its services and the refusal to collaborate in order to stop them. Yes, something complicated, but that the body that supervises everything related to telecommunications in the country has considered sufficient. Although what is important is the debate that it generates against the idea of to what extent the loss of privacy can be justified in favor of security or vice versa.
Russia blocks ProtonMail and ProtonVPN
Not long ago, one of the most striking news in terms of privacy and security was the one that affected Apple. The company halted its project to encrypt all iCloud backups at the request of the FBI. And it is that applying a point-to-point encryption system would prevent security services from accessing the data stored there if necessary. For example, after committing an attack.
Well, now it is Proton Technologies who suffers something similar. Russia has published a Press release where they explain why they have decided to block ProtonMail and ProtonVPN services. According to them, during 2019 and especially during the first month of 2020 (very actively) the service has been used to disseminate false information about bomb threats.
Although Proton denies these requests, according to Roskomnadzor they contacted them to provide them with the administrators of said email accounts and the response was a refusal to provide data. Something logical, since one of the strengths of both services and the reason why journalists and organizations use them is that level of privacy.
Therefore, the consequence was a blocking of services covered by a local law which obliges VPN services to provide information that is required by the country's security services. So now, from Russia you can't access Proton Technologies tools.
Or almost, because you can really bypass the ban through TOR networks. And likewise the company is working to resolve the issue as soon as possible. But for many, the big question is to know to what extent it is lawful or not to lose privacy in favor of security or security in favor of privacy.
Privacy or security
This may be one of the important debates of the year. End-to-end encryption offers both important advantages and disadvantages. If you read the arguments of each party, it is easy to end up agreeing with both parties. Because in certain scenarios, not being able to access certain data that could help solve some cases or prevent future threats would be important.
The problem is that there are companies that have taken advantage of these concessions to misuse the data. And that is why many have "fled" to those services that helped maintain such a high level of privacy, practically unbreakable.
However, it is a very complex issue. In an ideal world there would be no problems and privacy would be respected except in very specific and extreme cases. But if they take advantage of the security justification to later abuse and play with our data, things change. What do you think?