hipsterelectron

hipsterelectron , 10 days ago

@protonprivacy from that link:

2.5 IP logging: By default, we do not keep permanent IP logs in relation with your Account. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions (e.g. spamming, DDoS attacks against our infrastructure, brute force attacks). The legal basis of this processing is our legitimate interest to protect our service against nefarious activities. If you enable authentication logging for your Account or voluntarily participate in Proton's advanced security program, the record of your login IP addresses is kept for as long as the feature is enabled. This feature is off by default, and all the records are deleted upon deactivation of the feature. The legal basis of this processing is consent, and you are free to opt in or opt out of that processing at any time in the security panel of your Account. The authentication logs feature records login attempts to your Account and does not track product-specific activity, such as VPN activity.

it sounds like you or the swiss government can arbitrarily decide to start logging IP addresses without being compelled to notify users? is there a reason you don't make a commitment to notify users whenever their IP address is logged? does swiss law put you under a gag order, or are you just not interested in notifying users when their privacy may be compromised?