ProtonMail is a secure email service designed to prioritize your privacy and protect your data. In an era of increasing data breaches and privacy concerns, understanding what ProtonMail offers and how it differs from mainstream email providers like Gmail is crucial. Is switching to ProtonMail the right move for you? Let’s explore.
What Sets ProtonMail Apart?
While major email services claim to respect user privacy, ProtonMail takes a more proactive approach. This focus differentiates it from prominent email providers such as Google’s Gmail and Microsoft’s Outlook.com.
ProtonMail is a leading provider of secure email services prioritizing enhanced security and privacy features over extensive free storage and integrated services. Unlike Gmail, accessing these advanced features often requires a paid subscription. Google generates revenue from its free Gmail service through targeted advertising, a practice absent in ProtonMail.
While both Google and Microsoft implement standard security measures like two-factor authentication and secure connections between your browser and their servers, ProtonMail goes further. It avoids logging identifying information, stores server data in an unreadable format for unauthorized parties, and facilitates more secure communication between users.
However, choosing ProtonMail involves tradeoffs. The free plan is limited, offering only 500 MB of storage. Moreover, some features that make Gmail convenient are not available in ProtonMail due to its emphasis on privacy and security. For instance, it does not automatically scan your emails to add events to your calendar.
The decision between a traditional provider like Google and a secure one like ProtonMail involves balancing convenience and privacy. If you value the extensive functionality of Gmail, ProtonMail may not be the ideal choice.
Related: What Is Secure Email, and Should You Switch?
How ProtonMail Protects Your Data
ProtonMail encrypts all server data, rendering it unreadable to anyone lacking the decryption key. In a data breach, stolen data from ProtonMail’s servers would be useless. Even ProtonMail cannot access the content of your emails.
This contrasts with standard webmail providers like Gmail, which only encrypt data during transmission between your browser and their servers. Google uses AI to analyze your emails, enabling features like Google Assistant to provide timely suggestions. Gmail infers your activities and plans based on your inbox content, a feature many users rely on.
ProtonMail also simplifies the process of sending encrypted messages between users. All communications between ProtonMail users are automatically end-to-end encrypted, preventing even ProtonMail employees from reading them. ProtonMail also supports Pretty Good Privacy (PGP), which allows you to “lock” email contents so that only recipients with the correct key can access them.
ProtonMail also enables password-protected, self-destructing messages to users on any webmail platform. Recipients must click a link to view the message, a feature not available in Gmail or Outlook.
While PGP is usable within Gmail through browser extensions like Mailvelope and FlowCrypt, it’s less streamlined and more difficult to use on mobile compared to ProtonMail’s native support.
Related: What Is End-to-End Encryption, and Why Does It Matter?
Swiss Privacy Laws and Data Protection
ProtonMail is headquartered in Switzerland, known for its stringent privacy laws. This means ProtonMail cannot be compelled to hand over user data to foreign authorities, including those in the U.S. Switzerland is not a member of the Five Eyes intelligence-sharing agreement between the U.S., Canada, Australia, the United Kingdom, and New Zealand.
In contrast, Google is located in the U.S. and may be legally required to provide user information. (Under U.S. law, emails are considered “abandoned” after 180 days, allowing the government to access them without a warrant.) This includes inbox contents, metadata, and IP addresses, which can be shared with Five Eyes members.
Google stores data unencrypted on its servers, making it accessible without decryption keys. The entire contents of your inbox could be disclosed to authorities and potentially used against you. If Google experiences a data breach, user data could be compromised.
Gmail stores identifying information like your IP address, real name, cell phone number, and login locations alongside your inbox contents.
Related: Why You Should Delete Emails Instead of Archiving Them
ProtonMail’s Minimal Data Collection
ProtonMail does not require any identifying information to create an account; only a username (your email address) and password are necessary. A recovery email can be linked, but it’s optional.
ProtonMail logs minimal user data. It does not store IP addresses and avoids tracking users across different sites. Metadata is discarded to make it difficult to trace an email to its origin. While ProtonMail aims for anonymity, you should never assume complete anonymity online.
Google, being the web’s largest advertising company, relies heavily on tracking. Tools like Google Analytics help website owners monitor traffic, while Google’s advertising services track your web usage to deliver targeted ads.
Google’s extensive service ecosystem also benefits from user tracking, eliminating the need to re-login when switching between Google Maps, YouTube, Gmail, and Google Drive.
Open Source and Security Audits
ProtonMail is open source. The code for the ProtonMail webmail application is available on GitHub. You can deploy it on your own server or examine the codebase for bugs or security vulnerabilities. ProtonMail uses established open-source cryptography techniques, including AES, RSA, and OpenPGP.
The open-source nature of ProtonMail provides two main advantages: the code can be audited by anyone, and the “crowdsourced” security approach exposes potential weaknesses that closed-source applications might miss. ProtonMail states they do not include backdoor access for law enforcement or security agencies.
Google also uses open-source technologies, but the Gmail codebase is closed. While closed-source code isn’t inherently insecure, it lacks the same level of scrutiny as open-source code.
Gmail’s Feature-Rich Ecosystem
Gmail offers many features not available in ProtonMail and is accessible on nearly any device via standard mail apps.
ProtonMail’s encryption methods prevent the use of standard smartphone mail apps. Accessing ProtonMail on mobile requires the Android or iPhone app or the webmail interface.
Gmail is also completely free, offering 15GB of storage shared across Google services, with the option to purchase more. Google does not limit features behind paywalls for free accounts, providing corporate-grade spam filters, optional experimental features, and mail aliases.
ProtonMail’s free account is limited to 500MB of space and 150 messages per day. Features like custom filters and autoresponders require a premium account. The free account includes three labels, three folders, and a single address (without custom domains).
Gmail’s deep integration with other Google services allows Google Assistant to access your inbox for relevant information about trips or purchases, enabling useful AI-powered features.
ProtonMail primarily focuses on email, although the company also offers a VPN service and is developing encrypted calendar and file storage apps. It lacks shared cloud storage, machine-learning AI features, and a companion search engine, map, or video-hosting service.
ProtonMail or Gmail: Which is Right for You?
Deciding between ProtonMail and Gmail depends on your priorities. Most Google users are unlikely to have their data compromised, and many willingly trade privacy for convenience.
However, if you prioritize an email service that goes the extra mile to protect your privacy, ProtonMail is a strong contender.
Want to further distance yourself from Google? Learn how to remove Google from your life.
Related: How to Remove Google From Your Life (And Why That’s Nearly Impossible)
