Is Proton leaving Switzerland?
66 comments
·December 19, 2025julenx
starquake
So the title is incorrect? They haven't left Switzerland yet?
dang
We've changed the submitted URL from https://www.nzz.ch/technologie/proton-ceo-andy-yen-wer-geset... to a third-party article that seems to have more background.
(Also, HN is an English-language site, so articles here should be in English - https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que... - even though we have deep respect for the German language and other languages)
layer8
The original article is still very much worth reading, using the translation tools that are nowadays built into web browsers.
rsync
Their CEO states:
"(proton fraud detectors) are looking for certain patterns in use. And they collect clues on the dark web. For example, if you find Proton mail addresses in criminal Internet forums, the accounts behind them will be blocked."[1]
I've never participated on a "dark web" or .onion forum but I could imagine doing so for a variety of reasons ... are there not very interesting discussions occurring there ?
I would be classified as a criminal for being part of that discussion ?
Should I be retroactively classified as such for my discussions on cypherpunks in the nineties ?
[1] https://www.nzz.ch/technologie/proton-ceo-andy-yen-wer-geset...
hypeatei
I used Proton at one point, but I realized that email is inherently insecure and any cloud storage can be E2EE if you encrypt the files yourself before uploading (which you should)
It's nice to see that they're giving the finger to the Swiss government but ultimately it doesn't matter as many jurisdictions are mandating the same things.
justsomehnguy
> but I realized that email is inherently insecure
I've always seen Proton benefits as a moot point because it's not E2E to the other side. You can encrypt all you want but as soon as you actually communicate with anyone (this is the email after all) you are now give all your messages to a third party often times without any encryption at all.
smeej
I do at least appreciate that emails from one Proton account to another Proton account are secured by default. It has made it much easier for me on the few occasions I've needed to send someone something securely but haven't wanted to walk them through setting up PGP. "Create a free Proton account" is a much easier process.
fsflover
> any cloud storage can be E2EE if you encrypt the files yourself before uploading (which you should)
Except the metadata I guess.
mmooss
Also, the people with whom you email likely won't encrypt things on their end.
fsflover
Decentralized E2E instant messaging is the solution.
rolph
client encryption is about keeping the MITM out of your fibre.
if you are scared of spooks using metadata, that can be managed with some warwalking around cafes/campus, a wifi extender, a burner phone tether, and action in discretion.
at that point WTF your doing had better be a noble cause, not a malediction.
iagooar
They leave for Germany, of all places. Germany is one of the European states with most arrests for posting entries on social media. I guess they will pack their stuff and move on in 1-2 years from now.
why-o-why
What were those posts about on social media? Care to share?
ActorNightly
Germany has a big alt-rising in the form of AFD, and consequently, they do track social media heavily. There is also a non-insignificant fundamentalist Muslim population.
For things like troll posts or just general hate speech, most of the time the police visit your house and ask you questions and give you a stern warning. And remember, police in EU isn't like police in US - when you get visited by police in EU, you aren't afraid that you are going to get shot up or thrown on the ground and tazed if you did nothing wrong. In extreme cases where you are calling for things like beheading, yea they def arrest for that.
Source: close friend that lives in Germanty works for a company that does business with German government. I don't know first hand but he is pretty aware of the policics in EU and I have no reason to believe he would be exaggerating.
On anther note, Germany policing is quite progressive actually. For example, if you run, you don't get a charge for evading/eluding - its actually legal to run from police because "desire for freedom is a human right".
1123581321
It was easy to find news stories. Here are a couple from neutral sources.
https://apnews.com/article/germany-women-misogyny-raids-inte...
https://www.yahoo.com/news/german-police-launch-nationwide-o...
It seems reasonable to be concerned about a government that wants the power to reveal Internet users, but I couldn’t say on what basis Proton expects legal protection to continue after the move.
dbdr
Neither of your links mention arrests, one specifically says "None of the suspects were detained". They don't seem to back up the original claim about Germany arresting the most people based on social media posts.
ActorNightly
Germany has AFD which is even more Nazi-like than Trump to certain extent.
They should be policing their social media heavily.
dang
Related. Others?
Swiss government look to undercut privacy tech stoking fear of mass surveillance - https://news.ycombinator.com/item?id=45223231 - Sept 2025 (3 comments)
Proton begins moving hardware out of Switzerland due to proposed legislation - https://news.ycombinator.com/item?id=44915796 - Aug 2025 (5 comments)
Proton Partially Exits Switzerland - https://news.ycombinator.com/item?id=44669496 - July 2025 (2 comments)
Lumo: Privacy-first AI assistant - https://news.ycombinator.com/item?id=44657556 - July 2025 (123 comments)
Proton threatens to quit Switzerland over new surveillance law - https://news.ycombinator.com/item?id=44014808 - May 2025 (228 comments)
Tell HN: Swiss surveillance monitoring nearly everything – impact on Proton etc? - https://news.ycombinator.com/item?id=38937352 - Jan 2024 (8 comments)
aquariusDue
I always believed stuff like Proton and Tutanota to pander to individuals who cared about privacy but who fell ultimately to their shiny marketing campaigns.
Anyway most people would be better served when disavowing any notion that email is secure or that VPN services operated by companies (as opposed to ones you control) are good for anything other than bypassing region locks.
sfc32
Are they planning to payback all the Geneva cantonal and CERN money they took?
I seem to recall that one of their original selling points was that they were based in Switzerland which does not have data sharing agreements with the US under the Patriot act, unlike the EU.
Cynical view - they prefer to IPO in another market than Swiss, the real reason for the move.
layer8
They are a non-profit, and they could actually get more subsidies if they moved their headquarters to the EU.
alephnerd
> they prefer to IPO on another market than Swiss
You can publicly list in exchanges despite not being domiciled in the exchange's host country.
For example, Chinese and EU domiciled companies IPOing on the London Stock Exchange (LSE) due to a mix of easier access to liquidity and simplified rules and regulations.
mikelitoris
Why are all European countries interested in surveillance all of a sudden in the last 3-4 years? WW3 preparations, just in case? They realized they are harboring a lot of foreign agents? Good ol’ power grab under false pretenses (ala patriot act)? Or all of the above? I hoped Switzerland would never do this, being the “perfect” country they think they are and are so proud(smug?) of being; alas here we are.
hypeatei
I'm not European, but it's probably a mix of intelligence services advocating for it and government regulation as a solution to everything. If you believe that every problem can be solved by a regulator, then the logical endgame is the regulator needing a window into every aspect of your life so they can make sure you're not violating regulations.
The Patriot Act isn't on equal footing as these Chat Control-esque laws we're seeing. The US government spies on people, sure, but they're not mandating encryption backdoors or trying to outlaw VPNs.
drawfloat
Snowden revealed PRISM meant the US government just had straight access to servers of major providers, so they didn’t need any of this. I would be shocked if the NSA hadn’t stepped up its data collection efforts in the last decade in secret.
nabla9
> Snowden revealed PRISM meant the US government just had straight access
People read this and think that US government had unhindered access to all data in major providers.
According to Edward Snowden, PRISM allowed the government to compel internet companies to turn over any data that matched specific court-approved search terms. such as email addresses, all under Section 702 of the FISA Amendments Act of 2008.
At least some parts of it were likely unconstitutional as it could target U.S. persons, but it was not free for all as "straight access" indicates. It was straight access after FISA court approval.
NSA runs much more invasive MUSCULAR program in the UK without FISA or other type warrant.
sheepscreek
Surveillance isn’t bad per se. It’s when everything is so hush hush (which surveillance is by definition) and you lose sight of who has access to what, we humans start to get silly ideas. We’re imperfect and corruptible. Only in this case, it’s so hard to catch any illegal corrupt activities taking place.
So in my opinion, it’s a band-aid to more deep seated problems that more often than not creates new problems. I don’t know enough about how EU intends to do. I guess even eventual mandatory declassification (like a reasonable 5 yrs delay) would deter bad actors/politicians that aren’t well meaning from misusing it.
impossiblefork
Why do you think surveillance isn't bad per se?
It's certainly not compatible with privacy.
timschmidt
> but they're not mandating encryption backdoors
https://en.wikipedia.org/wiki/Dual_EC_DRBG#Weakness:_a_poten...
hypeatei
Yes, that was an insidious move from the NSA but nowhere near a mandate. No one uses it because of that weakness and they're allowed to do that.
gastonmorixe
you sure? https://www.apple.com/customer-letter/ (2016)
hypeatei
Fair, the US government is not a saint in this respect. I will say that a three letter agency getting upset and requesting a backdoor does seem different than a legislative (executive?) commission proposing laws to backdoor communications.
From a recent EFF post[0], it appears they've backed off the scanning and encryption demands so that's good, I guess. Hopefully that sticks and they don't propose something similar in the future.
0: https://www.eff.org/deeplinks/2025/12/after-years-controvers...
sunshine-o
Yes I believe what was revealed about 10-15 years ago about the "mass surveillance" conducted by the US and what is happening in Europe are totally different things.
The US conducts mass surveillance at a planetary scale, as an "Empire". It was implemented secretly by its 3 letter agencies with the help of various actors.
Europe is doing it in the open with laws and regulations and only targets the people in its territories. One simple reason they would have to do this way is they simply have no equivalent in capabilities to the NSA, CIA, etc. or big tech.
layer8
It’s “all of a sudden” because E2EE messaging has become mainstream, and the telephone and email tapping abilities of old aren’t effective anymore.
seydor
Certain countries like Greece use surveillance against political opponents. In this case, the PM himself oversaw the spying of the current opposition leader, journalists and others.
There's also lobbying from "security" companies who are pressuring governments to purchase and install their systems, but they require realtime spying of everyone.
snickerbockers
Its not just Europe. america is too, it just seems less egregious because the American people are used to seeing the government contract out constitutional violations to private corporations which have incestuous links to the government.
With recent AI advancements, an orwellian hell is all but inevitable. If you (by which i mean the powers that be not you specifically) don't build it then some competing faction will and they'll be in control of it. Its the classic prisoner dilemma.
sph
The State must grow, and this is the lowest hanging fruit. What are they gonna do, try to fix the economy? Housing? Youth prospects?
It’s a win-win for the politicians and the pensioners that vote them, that believe any nonsense about children safety.
Diti
My headcannon is that it’s a money thing, and that there must be intense lobbying by the internet surveillance manufacturers (like Thales).
null
zem
I feel like over time governments and government agencies naturally attract and retain people inclined towards overreach, especially if they live in a bubble where there are always good and valid reasons for said overreach. you need a branch of the government explicitly combatting this tendency for it not to happen.
derelicta
European States are vassals of America. They probably just reminded us poor helvetes that our neutrality and sovereignty was on paper only, and that if we opposed them, we would end up like Venezuela or Lybia.
daft_pink
It’s too bad you can’t just choose your location with services like this.
I want very secure email that’s US located because some of the contents are US regulated, I’m not worried about the US hacking me and I doubt if they really wanted my information I could do anytyhing to keep it from them.
I’m sure there are people that would love Switzerland.
To each their own.
edent
BitWarden offers users a choice of US or EU hosting.
TheCleric
Rough English translation:
https://www-nzz-ch.translate.goog/technologie/proton-ceo-and...
garbawarb
Are Germany and Norway better?
Y_Y
... for Germany and Norway
> Wir haben angefangen, unsere gesamte Infrastruktur zu kopieren. Unsere Daten befinden sich nun auf Servern sowohl in der Schweiz wie auch in Deutschland und Norwegen. Wenn nötig, können wir die Systeme in der Schweiz innerhalb von kurzer Zeit herunterfahren. Ich hoffte immer, solche Schritte nie einleiten zu müssen. Aber das Umfeld in der Schweiz ist für uns zurzeit zu unsicher. Wir hatten keine andere Wahl, als unseren Wegzug zu planen.
They started to copy the infrastructure, and the data is currently in Switzerland, Germany, and Norway. They can technically shut down the systems in Switzerland on short time. He (Andy Yen, CEO) always hoped they'd never need to take such steps, but the environment in Switzerland is too insecure for them at the moment. So they had no other choice but to plan their way out.