The VPN industry is notorious for unscrupulous or even malicious players, so it’s reasonable to ask why ProtonVPN can be trusted. Here are some qualities that set us apart from other VPN providers.

In 2017, ProtonMail entered the VPN space with the launch of ProtonVPN. We decided to launch a free VPN service because ProtonMail protects journalists and activists around the world, and as a result of our activities in that area, ProtonMail runs a high risk of being blocked in various countries. This theoretical risk has become a reality in recent years, with ProtonMail being temporarily blocked in Turkey and Russia. A VPN is often the best way to circumvent such blocks.

Many VPN services already exist, but we launched ProtonVPN because we wanted to build a VPN we knew we could trust. Many VPNs are notoriously bad — many of them contain malware while others knowingly violate the privacy they claim to protect. Hotspot Shield, for example, was the subject of an FTC complaint by the Center for Democracy and Technology for data sharing and traffic redirection.

Unscrupulous VPN companies also engage in many unethical business practices. A surprising number of VPN review sites are either secretly owned (or funded) by VPN companies themselves, so reviews are neither independent nor honest. Another common practice is to post fake reviews of other VPN services (such as ProtonVPN) to drive customers to their own services. Other tactics we have seen include using anonymous websites and hundreds of Twitter bots to spread fake news or sending anonymous “tips” to journalists with misleading information.



Here is the list of 500 potential bot accounts that are either actively being used in the @ProtonVPN smear campaign or likely will be in the near future. This is not all that are out there. I just need to sleep before enumerating the rest… 😴https://t.co/OKr1y70LHx — Gallagher (@DanielGallagher) September 2, 2018

These maneuvers generally are not very effective, especially against ProtonVPN, as we’re a transparent company. However, they do have the cumulative effect of reducing user trust in the VPN industry as a whole by exposing the unscrupulous nature of many VPN providers. In this context, we want to provide some facts that demonstrate how ProtonVPN is different when it comes to trustworthiness.

Why ProtonVPN is trustworthy

In the VPN industry, it can be challenging to sort through all the fake reviews and information. However, there are several factors that set ProtonVPN apart, all of which are all well documented.

Business model

Proton Technologies AG, the Swiss company that is the parent of both ProtonMail and ProtonVPN, has one and only one business: privacy. Users who pay for ProtonMail or ProtonVPN (in order to access paid features) do so because they wish to keep their personal data private. Our users are our only source of income. Even if you ignore all the other reasons that drive us to do what we do, from a pure self-interest standpoint, we are incentivized to keep our users’ trust. By using a subscription business model, our interests and the interests of our community — online privacy — are fully aligned.

Transparency

As a company, we are transparent about who we are. We do not hide behind offshore shell companies. Where we are based, the address of our headquarters, our company statutes, and even our directors are all a matter of public record and available for inspection at the Swiss commercial register. The names and backgrounds of our leadership team have been publicly disclosed. So are the locations of all of our offices, our sources of funding, and even a full accounting of all the law enforcement requests we have received. We also clearly state the threat model for the services we offer (i.e., what they can and can’t protect you against), and provide a GDPR-compliant privacy policy.

In other words, you know who runs the company, where we run it from, what data we have, how we interact with law enforcement, and much more, and we do this with a level of transparency that is unmatched in the industry.

Open source and audited

We feel it is equally important that our code is transparent as well. That is why we were the first VPN service to have open source apps on Android, iOS, macOS, and Windows, in addition to our open source command line tool on Linux. All our apps have also undergone an independent security audit. This transparency increases our security by leveraging the entire IT security community to scrutinize our code and help find and fix any potential weaknesses.

So not only do you have transparency into who makes up the team at ProtonVPN, you also can see the code that makes up all of our apps.

Proven provenance

ProtonMail and ProtonVPN have been under the glare of public scrutiny from the very beginning. Our origins and history are a matter of public record. ProtonMail’s creation by scientists who met at CERN (the European Organization for Nuclear Research) is well documented on the CERN website. The scientific background of our leadership team is also a matter of public record, from our academic careers to our scientific publications.

ProtonMail’s initial financing through crowdfunding is also publicly documented, along with the identities of many of our initial financial backers. Our longstanding ties to Geneva and Switzerland are also well known, with Swiss public television, Swiss public radio, and even official Swiss government publications running features on ProtonMail. There is an overwhelming body of public documentation that attests to who we are and our story, which you will not find from any other VPN company.

Legal guarantees

Proton Technologies is not hidden behind a shell company based offshore in a suspicious jurisdiction. We are not only incorporated in Switzerland, but also headquartered here, and the bulk of our engineering team lives and works here. Switzerland is not only a country with strong privacy rights but also a country with a strong rule of law and is part of the European Single Market. This means that unlike other VPN companies, we can actually be held legally accountable for breaches in user privacy or false advertising. Under the EU’s General Data Protection Regulation (which we are obligated to comply with), breaching user privacy can lead to fines of up to €20 million. Unauthorized sharing of user data with third parties like foreign intelligence agencies is also a criminal offense under article 271 of the Swiss Criminal Code.

The increased accountability that we have as a Swiss company legally obligates us to respect user privacy and adhere strictly to ProtonVPN’s advertised no-logs policy.

Vetted by trusted third parties

While transparency and legal guarantees form a strong foundation for trust, you don’t have to take our word for it. ProtonVPN has also been thoroughly vetted by Mozilla, the nonprofit foundation behind the Firefox web browser, which we have partnered with to bring VPN technology to a broader audience. Furthermore, as the recipient of innovation grants from the Swiss government and also the European Union, Proton Technologies has also been exhaustively checked and vetted by the European Commission. (Note that these grants do not give any control to the grant agencies, nor obligate us in any way. Learn more here.) The fact that trusted third parties have assessed both ProtonMail and ProtonVPN and gone into business with us provides a further guarantee that we live up to our word.

Community engagement

As a company, we care deeply about our community and making the world a better place. For us, privacy and security are deeply held core beliefs that come before profits. This drives our engagement with our community. Examples include our training sessions with the Second Asian Investigative Journalism conference, our work in the open source community driving the development of OpenPGP.js (one of the world’s most widely used Javascript encryption libraries), the GopenPGP project, and the technical talks we have given about building privacy.

Sometimes, our engagement happens closer to home, like when we helped force a nationwide referendum on Swiss surveillance laws (even though ProtonMail is unaffected due to our encryption). We also engage more broadly, like when we gave a TED Talk that reached millions of people worldwide, or when we spoke at a United Nations conference about combating terrorism while protecting human rights online. We recently worked with Reporters Without Borders Berlin to sponsor a scholarship program for journalists, and also provided funding for the largest independent news outlet in Belarus.

Our frequent community engagement means that many people in different fields have had the chance to meet our team, get to know us, and confirm that we are who we claim to be.

Our commitment

We are committed to making privacy and security available to all citizens of the world and will continue to carry out our mission as effectively as possible. We are grateful for the more than 10 million people who have joined our community and supported us along the way. We know that trust is earned, not given. Through persistent dedication to our principles of privacy and transparency, we are trying to be worthy of it.



Best Regards,

The ProtonVPN Team

