Ah, good ol' trustworthy Swiss companies! Like Crypto AG![1]
Realistically, all VPNs are compromised. But for most people's threat model, that's irrelevant anyways.
Proton for instance revealed the location of a climate activist leading to his arrest[2], with the inspiring message from the CEO that "privacy protections can be suspended", silently on a per-user basis at any time.
Haven't seen anything like that for Mullvad, but it's probably the same. At least the company takes crypto. But these things are always just surface level obscurity at best.
The case you shared in fact shows that Proton's encryption ensures privacy by default and that it cannot be bypassed even when we're presented with a court request that we cannot legally contest. Namely, we weren't able to share any of the user's email content due to zero-access encryption which makes it inaccessible to us: https://proton.me/blog/zero-access-encryption. All we could provide was the limited metadata we need to have access to anyway in order for the email service to work properly.
Additionally, the user's identity had already been known to law enforcement. As any legally operating company, we need to comply with the local legislation.
> Proton for instance revealed the location of a climate activist leading to his arrest[2], with the inspiring message from the CEO that "privacy protections can be suspended", silently on a per-user basis at any time.
That person isn't just a climate activist, they (and others who used that email account) broke French laws. Swiss authorities compelled the disclosure.
> broke French laws. Swiss authorities compelled the disclosure.
That's a terrible reason. Torrenting breaks French law. Having the wrong bread or cheese with your wine probably breaks French law.
And if your company can be compelled via gag order to give up your users' privacy whenever the authorities feel like it, well, your product isn't very effective anyways, and you should stop pretending you offer any meaningful level of protection.
[1]: https://en.m.wikipedia.org/wiki/Crypto_AG
[2]: https://techcrunch.com/2021/09/06/protonmail-logged-ip-addre...