Proton Mail Suspended Journalist Accounts at Request of Cybersecurity Agency

Proton Mail Suspended Journalist Accounts at Request of Cybersecurity…

• Proton, a privacy-focused email service, suspended journalist accounts at the request of an unspecified cybersecurity agency, despite positioning itself as a neutral haven for personal data.
• The suspended accounts belonged to journalists reporting on security breaches in South Korean government systems, including the Ministry of Foreign Affairs and the military’s Defense Counterintelligence Command.
• Proton initially did not knowingly block journalist accounts, but the situation was mishandled, leading to public outcry and eventual restoration of the accounts.
• Journalists and newsrooms, such as The Intercept, rely on Proton Mail for secure email submissions, making the suspension particularly impactful.
• The journalists, Saber and cyb0rg, followed responsible disclosure practices, notifying affected parties before publishing their findings in Phrack.
• Proton’s suspension of the accounts was due to an alleged policy violation, but the specifics were not clearly communicated to the journalists.
• Proton’s response to the suspension was criticized for being slow and insufficient, with the company initially not addressing the journalists' concerns privately.
• The suspension of the accounts disrupted the journalists' work, including their ability to respond to media requests and assist in the responsible disclosure process.
• Proton’s CEO, Andy Yen, announced the restoration of the accounts but did not provide a clear explanation for the suspension or the reasons behind the restoration.
• The incident raised concerns among journalists and whistleblowers about Proton’s accountability and transparency in handling account suspensions.