As 2025 winds down, we’re continuing to build tools that let you take control of your digital life without compromising privacy.

Our latest roadmap reflects your feedback and our mission: to empower you, not exploit you.

Here’s a peek at what’s coming next 👇

1/4 ✉️ Mail & Calendar

Smarter inboxes will use Category View to automatically sort emails while staying private.

🌐 VPN

We will add free servers in 5 additional countries (Mexico, Canada, Switzerland, Norway, and Singapore) - better speeds, more coverage.

2/4

Europe outsourced its digital backbone for decades.

Today, that choice has become a strategic liability.

New Nordic snapshots show how deep that dependency runs in 🇩🇰Denmark, 🇫🇮Finland, 🇮🇸Iceland, 🇳🇴Norway, and Sweden🇸🇪.

Let's talk about it! ⬇️ Baseline: 74% of Europe’s publicly listed companies depend on US tech for email/security (the gateway to cloud, docs, identity, and security).

Nordics Stats

🇩🇰DK: 89% → 9 sectors at 100%; consumer staples distribution & retail 0%

🇫🇮 FI: 92% → 16 sectors at 100%; household & personal products 50%

🇮🇸IS: 97% → 16 sectors at 100%; household & personal products 50%

🇳🇴NO: 96% → 17 sectors at 100%; media & entertainment 75%

🇸🇪SE: 91% → 9 sectors at 100%; banks 27%

Read the full study: proton.me/business/europ…

How much do you know about the most advanced censorship system in the world?

Framed as protection against "Western influence", China's Great Firewall controls the political + economic narrative for China's 700M+ users (a quarter of all internet users).

1/8 But it doesn't stop there...

A massive leak of 100,000+ documents has revealed that a Chinese company, Geedge Networks, is exporting GFW-style tech to authoritarian regimes worldwide.

Recipients include Kazakhstan, Ethiopia, Pakistan, Myanmar, & others.

2/8

Imagine this: you open an email from your inbox and start reading.

In the background, text is fed to your AI extension, making it delete every email from your inbox.

This isn’t a dream; with AI agents and prompt injection attacks, it’s currently a possibility.

1/5 Anthropic recently announced Claude for Chrome, a browser-based AI agent that can take actions on behalf of users.

The extension is currently only available as a preview to 1,000 subscribers on Anthropic's Max plan.

The limited release is due to security concerns.

2/5

Your face is yours, but Big Tech doesn’t want it to stay that way.

It’s time for a deep dive into facial recognition. ⏳

Governments, advertisers, and tech companies are finding new ways to capture, analyze, and profit from the most personal part of who you are.

1/7 Facial recognition technology is biometric software that identifies/verifies a person by analyzing their facial features.

Your scanned face is compared with a database, which contains images from government databases, social media, or the open web.

2/7

Switzerland prides itself on independence, yet 68% of listed firms run on US email (the gateway to the whole tech stack). 🇨🇭

Independence is hard if your infrastructure is controlled abroad.

Let’s talk about it 👇

1/5 Why it matters

🚩 Foreign laws reach Swiss data (CLOUD Act)
🚩 Geopolitical leverage over critical sectors
🚩 Less control over data storage and processing
🚩 Swiss data can be used to train AI
🚩 Limits Swiss innovation

For a nation built on independence and neutrality, this is a massive vulnerability.

2/5

Ever had someone give you something and not want to give it back? Data brokers feel the same…

An investigation by The Markup found that 35 registered Californian data brokers have noindex code on opt-out & data deletion pages.

Why? To keep them off search engines.

1/6 That's not the only way that brokers create obstacles to user privacy.

An analysis of 750 US-based data broker groups revealed that 100s of brokers registered in one state but failed to register in another, despite the legal requirement.

Most of them operate nationally...

2/6

Perplexity’s $34B bid for Chrome is still not nearly as perplexing as what they’re planning to do with your browsing data.

Let’s take a look. 👇 🧵

1/7 For context, earlier this year, when Perplexity CEO @AravSrinivas confronted us, we asked him to vow that his company would never monetize user data.

He unfortunately never got back to us, and instead went on to create Comet, a privacy-invasive AI browser.

2/7

Europe outsourced its digital backbone for decades.

Today, that choice has become a strategic liability.

Our new study shows how deep that dependency runs — starting with email, the gateway to every company’s stack.

Let's unpack it 👇
1 / 8 Over 74% of all publicly listed European companies run their email, and therefore cloud, docs, AI workflows, on Google or Microsoft.

That puts strategy decks, budgets, daily ops, and sensitive client data on servers governed by foreign laws.

2 / 8

A popular dating safety app has recently spilled more than just the tea ☕

User data from Tea, a platform which claims to have upwards of 1.6 million users, has ended up on 4chan.

The app exists to share information between women about possible matches on dating platforms.

1/8 According to the attackers, data used to verify users, such as driver’s licenses and selfies, was publicly accessible without authentication.

Tea confirmed that 72k images had been exposed, including 13k selfies and photo identification submissions.

2/8

Proton has completed a SOC 2 Type II attestation.

It adds to our ISO 27001 certification and compliance with GDPR and the Swiss DPA.

What does that mean, and why should you care?

Let’s break it down 👇

🧵1/6 SOC 2 Type II is one of the most widely recognized standards for operational security.

It doesn’t just look at your policies, it audits how well you actually follow them over time.

🧵2/6

What are data brokers, and why should you care?

They collect your information from apps, websites, credit reports, and public records, selling it to whoever is willing to pay.

All without your knowledge.

Let's learn about a $270 billion industry...

1/8 👇🧵 Data brokers collect, process, and sell or share personal information about people.

They gather data from:

📁 public records
🌐 online activity
🛍️ retail and loyalty programs
📱 mobile apps and location data
💳 credit reporting
🏦 financial institutions

2/8

Looking to boost the security of your Android device?

Android 16 has a new feature that may be just what you need.

Advanced Protection offers enhanced security by enabling features that are not enabled by default.

Let's dig in... 🧵👇

1/6 Here's a roundup of what is turned on with Advanced Protection:

🔛 Theft detection
🔒 Forced HTTPS for Chrome
🛑 Scam and spam protection in Google Messages

These reduce the chances of interacting with insecure websites and unknown individuals.

2/6

Meta's creativity for developing ways to track you is truly limitless.

Android users, you'll want to hear this:

🧵👇

1/6 Millions of sites contain code that enables companies like Meta to build an advertising profile of users based on their web activity.

Conventionally, this data goes from computer to cloud.

Impersonating an Android device, a researcher discovered something different...

2/6

"Whatever you chat about with Meta AI, just picture Zuckerberg watching."

More and more people are turning to AI to provide answers, advice, and counselling.

Here are 5 essential things you MUST know about Meta's AI app before using it:

1/7 1⃣ Meta will keep a copy of everything you say by default.

Unsurprisingly, for a company that has been fined more times for privacy violations than you can count, Meta's AI builds a Memory file when you chat with it.

Getting rid of this information is not easy.

2/7

🧵 241 official German parliament member email addresses were found on the dark web -- that's 13% out of the 1,874 checked. Leaked via breaches of services like Dropbox, LinkedIn & even adult sites.
1/5

⬇️ We found that members of state parliament had more than just their email addresses leaked. There were also birthdates, addresses, passwords (153 in plaintext), and more, all for sale on the dark web.
2/5

⬇️

Today, we're sharing plans for the next 3-6 months — new features & improvements to give you more powerful tools to protect privacy, boost productivity, & take control.

We work for you and only you, so we selected these features based on your feedback & requests. 🧵

1/8 @ProtonVPN

Popular features will be available on more platforms.

Exclude apps & websites from your VPN with Split Tunneling on Mac & Linux.

Get the parental controls & filtering from 3rd-party DNS with Custom DNS on iPhone & Mac.

Explore more:

2/8protonvpn.com/blog/vpn-roadm…

Meta AI in WhatsApp is now near-inescapable, with the feature rolling out to more devices.

Even users based in one of the 41 European countries should soon see it if they are using the messaging app.

This AI is a less-powerful version of Meta AI's web app.

1/5 Users should see an AI button above the one used to create a new chat, and prompt shortcuts in the search bar.

This AI can be used to create stickers, but not to transcribe audio or summarize the contents of group chats. It can also share Bing links and generate text.

2/5

How we use the internet is largely shaped by a handful of US-based tech giants.

US gov't surveillance laws allow them to demand access to your data without your knowledge or a warrant.

Read the thread below for the list of European alternatives that put your privacy 1st.

1/16 We founded Proton in 2014 specifically to resist mass surveillance and abuses by Big Tech.

Google’s Gmail, Drive, Docs, Password Manager and Calendar can now be replaced with @ProtonMail, @ProtonDrive, Proton Docs, @Proton_Pass and Proton Calendar.

2/16

Think this is a fun trend? Think again.

While some don't have an issue sharing selfies on social media, the trend of creating a "Ghibli-style" image has seen many people feeding OpenAI photos of themselves and their families.

Here's why that's a problem:

1/4 Aside from the risks of data breaches, once you share personal photos with AI, you lose control over how they are used, since those photos are then used to train AI.

For instance, they could be used to generate content that may be defaming or used as harassment.

2/4

None of your business (noyb), a privacy non-profit based in Austria and Proton Lifetime Fundraiser beneficiary, is helping a Norwegian ChatGPT user in a complaint against OpenAI.

This complaint has come as a result of fake information being generated by their LLM.

1/6 The user tried to find out if OpenAI had information about him, and so asked it to tell him who he was, using his full name.

ChatGPT confidently made up a story where he was a convicted child murderer, citing the right city and correctly stating that he has three kids.

2/6