🧵 241 official German parliament member email addresses were found on the dark web -- that's 13% out of the 1,874 checked. Leaked via breaches of services like Dropbox, LinkedIn & even adult sites.
1/5

⬇️ We found that members of state parliament had more than just their email addresses leaked. There were also birthdates, addresses, passwords (153 in plaintext), and more, all for sale on the dark web.
2/5

⬇️

Today, we're sharing plans for the next 3-6 months — new features & improvements to give you more powerful tools to protect privacy, boost productivity, & take control.

We work for you and only you, so we selected these features based on your feedback & requests. 🧵

1/8 @ProtonVPN

Popular features will be available on more platforms.

Exclude apps & websites from your VPN with Split Tunneling on Mac & Linux.

Get the parental controls & filtering from 3rd-party DNS with Custom DNS on iPhone & Mac.

Explore more:

2/8protonvpn.com/blog/vpn-roadm…

Meta AI in WhatsApp is now near-inescapable, with the feature rolling out to more devices.

Even users based in one of the 41 European countries should soon see it if they are using the messaging app.

This AI is a less-powerful version of Meta AI's web app.

1/5 Users should see an AI button above the one used to create a new chat, and prompt shortcuts in the search bar.

This AI can be used to create stickers, but not to transcribe audio or summarize the contents of group chats. It can also share Bing links and generate text.

2/5

How we use the internet is largely shaped by a handful of US-based tech giants.

US gov't surveillance laws allow them to demand access to your data without your knowledge or a warrant.

Read the thread below for the list of European alternatives that put your privacy 1st.

1/16 We founded Proton in 2014 specifically to resist mass surveillance and abuses by Big Tech.

Google’s Gmail, Drive, Docs, Password Manager and Calendar can now be replaced with @ProtonMail, @ProtonDrive, Proton Docs, @Proton_Pass and Proton Calendar.

2/16

Think this is a fun trend? Think again.

While some don't have an issue sharing selfies on social media, the trend of creating a "Ghibli-style" image has seen many people feeding OpenAI photos of themselves and their families.

Here's why that's a problem:

1/4 Aside from the risks of data breaches, once you share personal photos with AI, you lose control over how they are used, since those photos are then used to train AI.

For instance, they could be used to generate content that may be defaming or used as harassment.

2/4

None of your business (noyb), a privacy non-profit based in Austria and Proton Lifetime Fundraiser beneficiary, is helping a Norwegian ChatGPT user in a complaint against OpenAI.

This complaint has come as a result of fake information being generated by their LLM.

1/6 The user tried to find out if OpenAI had information about him, and so asked it to tell him who he was, using his full name.

ChatGPT confidently made up a story where he was a convicted child murderer, citing the right city and correctly stating that he has three kids.

2/6

Mark Klein, a former AT&T technician and whistleblower, passed away on March 8 2025.

Although not as well-known as figures such as Edward Snowden, he was responsible for uncovering a web of expansive government surveillance, publicizing this through whistleblowing. 🧵

1/6 Mark Klein always had a strong moral compass and a commitment to privacy.

When he saw coverage in the New York Times about increased surveillance brought in by President George W. Bush after 9/11, he realized that he had been a part of building out this infrastructure.

2/6

This year, researchers from George Mason University published a paper on a way in which Apple's Find My network could be used to maliciously track Bluetooth devices without root access. This method works across multiple operating systems and device types.

1/6 When an AirTag goes missing, it sends out signals over Bluetooth Low Energy (BLE) to nearby iPhones. These in turn send the location of this AirTag back to Apple's cloud in order to help its owner find it again.

2/6

Une proposition de loi votée par le Sénat aujourd’hui suscite de sérieuses inquiétudes pour la sécurité numérique des citoyens et des entreprises en France. Cette loi forcerait les fournisseurs de services chiffrés, tels que Proton, à introduire des portes dérobées dans leurs applications, dans le but de lutter contre le narcotrafic.

Having a hard time picking what to watch? 🎬 Here are 5 films about privacy to watch this weekend 🧵

🔽 We Live In Public - A dot-com millionaire, Josh Harris, explores the impact of media and technology on personal identity through radical social experiments. His project "Quiet: We Live in Public" placed over 100 artists in a surveilled terrarium in NYC, where their every move was captured. Harris later, live streams his own life with his girlfriend.

🔽

Our research into cybersecurity practices of politicians around the world continues with Denmark, Luxembourg, and the Netherlands. We found more than just emails and passwords - DOB, addresses, & social media accounts were also linked to these politicians’ email addresses.
⬇️1/6 Denmark 🇩🇰
Despite a recent uptick in cyber security threat levels, 41% of Danish politicians had email addresses leaked. One in particular had their email exposed in 25 breaches. Overall, 93 passwords were exposed 69 of which were in plaintext.

⬇️2/6

Our research into the #cybersecurity practices of #politicians around the world continues with Italy and Spain. Working alongside Constella Intelligence, we’ve found out how they stack up against other European politicians.

⬇️1/5 Spain 🇪🇸
Spanish politicians outperformed all other countries researched, with just 6.3% of politicians having data exposed. This included 9 plaintext passwords and 39 emails identified in leaks.

⬇️2/5

After the unexpected mention in last night's @joerogan podcast, people are wondering if Google is still suppressing Proton.

It's complicated, but probably.

Here's a bit more info. 🧵 1/7
Being suppressed in Google search is often fatal and Proton experienced a serious incident in 2015 (since then resolved, and no, we did not sue Google):

proton.me/blog/search-ri…

Google’s #DMA compliance plan is a sham, and here’s why.

⬇️ 1/6 What is the DMA?
Under the new European Union’s Digital Markets Act #DMA, the practice of ‘tying and bundling’ is now prohibited, meaning @Google must stop preferencing its own key services on @Android.

⬇️ 2/6

New research conducted by Proton, in partnership with @ConstellaIntel shows that hundreds of political figures in the UK, France, and the EU have had their personal details leaked on the dark web.

Just one data breach could be a national security issue, so exactly how serious is a leak of this scale?

Read this thread for details.

⬇️1/7 UK Parliament 🇬🇧
The UK was hit hardest with 68%, or 443 MPs in the House of Commons having their details exposed on the dark web. 216 passwords in plain text and 2110 emails were leaked.

⬇️2/7

What is a digital footprint?

Your online activities create a trail, known as a #digitalfootprint, which can be used to track you.

Learn how to avoid leaving one and how to make it work for your benefit.

⬇️1/6 Defining your digital footprint

A #digitalfootprint is created by online activity, leaving behind a visible mark of your presence. Browsing, logging in, and clicking links are all recorded in some way.

⬇️2/6

🍎 Apple’s marketing team has built a powerful association between the #iPhone and #privacy.

But actions speak louder than billboards.

Let's talk about why your iPhone is not as private as you might think and what can you about it.

⬇️ 1/6 While #Apple claims “what happens on your iPhone, stays on your iPhone,” recent court files paint a different picture.

Apple lawyers stated that “no reasonable user would expect that their actions in Apple’s apps would be private from Apple.”

⬇️ 2/6

Studies show that we feel most romantic in springtime, so chances are many of you will be looking for a soulmate soon. 💜

Here are some steps to make #onlinedating as safe as possible.

⬇️ 1 / 11 STEP 1. Choosing the app or a website

Check if the dating app or dating website you plan to sign up to is on @haveIbeenpwned’s list of breached services: .

⬇️ 2 / 11haveibeenpwned.com/PwnedWebsites

This year is democracy's biggest test in history. Here are our seven predictions for the internet in 2024.

#Elections2024
1/9 1️⃣ Increased targeted censorship

As governments increase censorship, internet accessibility decreases, particularly for social media, messaging apps, and critical news sites.
2/9

Keeping you up to date with privacy and security news is one of the reasons we’re active on social media.

Here are the 2023 highs and lows - the news we've shared that you've found the most interesting:

🧵1/7 Early in the year, we raised awareness about internet censorship in #Turkey and enabled our Turkish community to fight it:

🧵2/7

https://x.com/ProtonPrivacy/status/1623353943936974852?s=20

Now that everything's online, fraudsters have proliferated. In 2022, the FTC received over 1.1M reports of identity theft. Here’s a thread on how malicious individuals steal your info and 10 ways you can prevent it: 🧵⬇️ Scammers steal your personal data, like credit card numbers or your name or address, which they use to pretend to be you. 🥸

A small list of how it can happen:
🎣 Phishing
🤖 Data breaches
👾 Malware
🤳 Social media
🗑️ Your trash

Read on for 10 ways to protect yourself. 🧵⬇️