Thanks for sharing this. Definitely a good data point.
When I signed up for protonmail, it seemed like a great alternative to Gmail, which I was using at the time. The business model seemed really great for somebody who was new to privacy. So far, I’ve been really happy with them. Their customer service is top notch, and I like how openly assertive they are against the powers that be.
When I first signed up, I couldn’t even spell PGP. Now I are have one me self. (I actually didn’t even know that my protonmail came with an encryption key or what a public/private key meant.) I like their tutorials and blogs that introduce noobs such as myself to tools of the trade. They really break it down 5th grader style, which is what I needed.
However… I have grown to become really uncomfortable with the fact that my private key is on a remote server. Understood, it is encrypted and the company seems to be very transparent. Their intentions seem sincere. But, that practice goes against every security best practice I’ve ever read. And it really sets off my spidey senses.
So I suppose, maybe, that PM is a good transition program. Things like PGP are not easy for normies like me to grasp. But now that I’ve figured out how to use GPG and integrate keys into email clients, the PM model seems less than desirable.
Relating to the OP, I think PM is doing their best for helping the masses. But I think it’s really important to understand what compromises one is making when using PM’s convenience.
I only share this as an interesting piece of information, I don’t think this means something specific to be honest and I don’t think they are compromised because of this simply because they may use some Google infrastructure, as other people in the privacy community do. I do believe they could be better at some stuff and that they don’t because of preferring profit over that improvement, but I understand the context of ravage capitalism where you need to do certain actions to survive.
I also don’t think they’re doing the best for the masses, but simply what’s best for them in order to gain more money; that may benefit people, sure, but it’s not the same.