The Proton Blog

Spam Watch 2025: The hidden trackers and inbox overload behind holiday marketing

Edward Komenda — Wed, 10 Dec 2025 14:56:20 GMT

Every holiday season, inboxes across the United States fill up quickly. Messages arrive in bursts, subject lines get increasingly urgent, and it becomes harder to manage the constant flow of promotions. This, to most people, is just the way things are. Totally normal.

Under the hood of these promotional campaigns, however, is something far more creepy.

Most marketing emails contain hidden trackers that report when you open a message, what device you use, and whether you click. Brands then use this information to decide when to email you next and how often. During the holiday shopping season, this system intensifies, creating a predictable surge in volume and what is essentially surveillance of your online activity and habits.

To measure this more clearly, Proton created Spam Watch: The U.S. Inbox Overload + Hidden Tracker Report, a controlled analysis of how 50 of the largest major U.S. retail brands behaved in the weeks leading up to and during the busiest shopping period of the year.

Read the full report here:

Proton Mail Spam Watch 2025 – The U.S. Inbox Overload + Hidden Tracker Report Download

How Spam Watch works

We set up a dedicated Proton Mail test inbox — trackers.us@proton.me — and subscribed it to 50 major U.S. retail brands. For each email received, we recorded:

Sender
Subject line
Date and time
Number of trackers detected
Daily and weekly sending patterns
Repetitive or high-frequency sends

We were able to measure this data, because Proton Mail is built to identify these hidden trackers in several ways, including:

Remote content blocking
Invisible pixel protection
Link cleaning (which removes tracking parameters while preserving functionality)

These tools gave us a transparent, consistent way to measure both email volume and email tracking during the holiday season.

When we measured it

We analyzed messages across three specific timeframes:

1. Pre–Black Friday period (baseline): Nov 4 → Nov 27.

Typical seasonal sending before holiday promotions intensify.

2. Holiday shopping period (Black Friday through Cyber Monday): Nov 28 → Dec 1

Historically the highest-volume period of the year for retail email.

3. Full analysis period: Nov 4 → Dec 1

All findings and rankings in this report are based on this complete window.

These windows help us measure both the baseline and the seasonal spike in sending and tracking.

What we found

This year’s data confirms a clear turning point in digital marketing:

80% of major U.S. retailers embedded trackers in 100% of their marketing emails.
Inbox volume surged 93% during the holiday peak.
Home and décor brands were the most aggressive overall.
Lingerie and intimates brands packed the most trackers into each message.
Department stores led the charge in sheer frequency.

Inbox overload isn’t a personal organization problem.
It’s an engineered outcome.

Which brands were the worst offenders?

When you multiply the average daily emails by the average tracker count, these brands come out on top as the worst of the worst. This single score captures both how often a brand emails you and how densely each email is packed with trackers.

CB2– Score: 27.39 (13.00 trackers/email × 2.11 emails/day)
Anthropologie– Score: 24.31 (12.90 trackers/email × 1.88 emails/day)
Victoria’s Secret– Score: 21.75 (13.84 trackers/email × 1.57 emails/day)
VS Pink– Score: 16.00 (14.00 trackers/email × 1.14 emails/day)
Crate & Barrel – Score: 15.71 (7.86 trackers/email × 2.00 emails/day)
kate spade– Score: 12.00 (5.51 trackers/email × 2.18 emails/day)
Pottery Barn– Score: 11.25 (5.00 trackers/email × 2.25 emails/day)
DICK’S Sporting Goods– Score: 9.82 (3.31 trackers/email × 2.96 emails/day)
Lowe’s– Score: 9.73 (4.42 trackers/email × 2.20 emails/day)
Urban Outfitters– Score: 9.00 (4.00 trackers/email × 2.25 emails/day)
J. Crew– Score: 8.16 (8.50 trackers/email × 0.96 emails/day)
Aerie– Score: 7.71 (9.00 trackers/email × 0.86 emails/day)
Ulta Beauty– Score: 6.50 (12.00 trackers/email × 0.54 emails/day)
NORDSTROM– Score: 6.00 (2.90 trackers/email × 2.07 emails/day)
JCPenney– Score: 5.89 (3.00 trackers/email × 1.96 emails/day)

Which brands sent the most email?

Some retailers emailed occasionally. Others emailed constantly — multiple times a day, every day. These brands represent the highest daily frequency across the full study window — the ones constantly vying for attention.

LOFT– Score: 3.62 (101 emails / 28 days)
Macy’s– Score: 3.52 (98 emails / 28 days)
Neiman Marcus– Score: 3.32 (92 emails / 28 days)
DICK’S Sporting Goods– Score: 2.96 (82 emails / 28 days)
Ann Taylor– Score: 2.88 (80 emails / 28 days)
Aeropostale– Score: 2.59 (72 emails / 28 days)
Bergdorf Goodman– Score: 2.50 (70 emails / 28 days)
Pottery Barn– Score: 2.25 (63 emails / 28 days / 11.25 Daily Tracker Load)
Urban Outfitters – Score: 2.25 (63 emails / 28 days / 9.00 Daily Tracker Load)
Lowe’s– Score: 2.20 (61 emails / 28 days)

Which brands embedded the most trackers?

Many brands didn’t send high volumes. But when they did email, they packed each message with an unusually large number of trackers — sometimes more than a dozen in a single email. These brands represent the highest “surveillance intensity,” measured by average trackers per email.

VS Pink– 14.00 trackers per email
Victoria’s Secret – 13.84 trackers per email
CB2– 13.00 trackers per email
Anthropologie– 12.90 trackers per email
Ulta Beauty– 12.00 trackers per email
Aerie– 9.00 trackers per email
J. Crew– 8.50 trackers per email
Crate & Barrel – 7.86 trackers per email
REI– 6.83 trackers per email
kate spade– 5.51 trackers per email

Which brands flooded inboxes the most?

These retailers produced the biggest single-day spikes — the moments when inboxes felt truly chaotic. This metric captures peak overwhelm: the maximum number of emails a brand sent in a single day during the holiday rush.

The Inbox Flooders

Macy’s– (Peak: 7 | Daily Avg: 3.14) | Peak Date: Nov 29 (Saturday of Holiday Weekend)
LOFT– (Peak: 6 | Daily Avg: 3.36) | Peak Date: Nov 28 (Black Friday) & Nov 30 (Sunday)
Bass Pro Shops– (Peak: 6 | Daily Avg: 1.75) | Peak Date: Nov 28 (Black Friday)
Saks OFF 5TH– (Peak: 6 | Daily Avg: 1.61) } Peak Date: Nov 30 (Sunday)
Ann Taylor– (Peak: 5 | Daily Avg: 2.68) | Peak Date: Nov 28 (Black Friday)
Pottery Barn– (Peak: 5 | Daily Avg: 2.25) | Peak Date: Dec 1 (Cyber Monday)
kate spade– (Peak: 5 | Daily Avg: 2.18) | Peak Date: Nov 18
NORDSTROM– (Peak: 5 | Daily Avg: 2.07) | Peak Date: Nov 29 (Saturday)
Anthropologie– (Peak: 5 | Daily Avg: 1.75) | Peak Dates: Nov 25 – Dec 1 (a week straight)
Gap– (Peak: 5 | Daily Avg: 1.54) | Peak Date: Nov 26 (Day before Thanksgiving)

What else we discovered

While the metrics above capture the core consumer-facing insights, our deeper analysis revealed several patterns:

Home décor and luxury home brands were the “double threats”

They combined high send volume with high tracker density. CB2, Crate & Barrel, and Pottery Barn ranked among the most invasive senders overall.

Lingerie and intimates brands topped the tracking charts

VS Pink, Victoria’s Secret, and Aerie averaged 9–14 trackers per message — the highest in the study.

Department stores dominated high-frequency sending

Macy’s and LOFT regularly sent 3–4 messages per day, every day.

Some big retailers stood out for doing the right thing

H&M, TJ Maxx, Burlington, Bass Pro Shops, and New Balance sent zero emails with trackers — proof that surveillance isn’t necessary to run a modern retail email program.

No major U.S. retailer met the “Proton Gold Standard”

None satisfied both conditions of:

Zero trackers
Low volume (< 0.5 emails/day)

Privacy-respecting email marketing is possible — but almost no one is doing it.

Proton Mail blocks hidden tracking by default

The findings from Spam Watch 2025 highlight a simple truth: Inbox overload is driven by widespread tracking and high-volume sending, not by personal disorganization.

Proton Mail reduces this problem at the source:

Tracker blocking stops invisible pixels from loading
Remote content control prevents image-based tracking
Link cleaning strips tracking parameters
Smart filtering helps keep promotions contained
Privacy by default keeps inbox behavior private

These protections limit the data marketers rely on, resulting in fewer trackers and fewer unnecessary follow-up emails.

A more private, manageable inbox is possible

Spam Watch helps make the hidden layer of email marketing visible. By measuring how brands behave during the holiday shopping season, we can show why inboxes feel overwhelming — and how privacy-first tools change that experience.

Proton Mail aims to give people what the data shows they need: a better inbox and fewer companies tracking their every move online for profit.

Get started with Proton Mail

Don’t copy Spotify Wrapped if you care about your customers

Alanna Alexander — Wed, 10 Dec 2025 14:19:41 GMT

Spotify Wrapped is here. Every year since 2016, Spotify processes a year’s worth of listening data — every play, skip, and repeat — into a personalized snapshot of your behavior. The listening platform describes it as “a mirror showing the moments, moods, and memories” that shaped your year.

As it does every year, Wrapped is flooding Instagram Stories, dominating group chats, and inspiring dozens of articles about the company’s marketing genius. And, like clockwork, every business leader is asking: How can we do our own?

It’s no wonder. Spotify Wrapped is a great commercial success. Many of its 713 million users have taken to sharing their top artists, albums, and songs — effectively turning personal analytics into free distribution. In 2024, Spotify’s co-president Alex Norström said it was a “huge driver behind MAU and subscriber growth”, boosting Q4 performance as it always does.

Businesses in other industries are tempted to try similar tactics: banks experimenting with end-of-year spending recaps, fitness platforms attempting annual workout summaries, even grocery stores releasing “your year in orders” campaigns.

Wrapped’s charm has made it harder for people to see its methods as surveillance. Instead, it’s set a dangerous precedent — one that’s far riskier for most businesses than it appears.

Nobody explicitly consented to Spotify Wrapped

A common defense of Wrapped (and surveillance advertising in general) goes like this: “Consumers don’t mind tracking if they get something valuable in return.”

That argument, however, is based on the premise of a fair exchange of value, in which both parties consent to the trade. Spotify users don’t have that choice.

As NPR notes, researchers studying the “privacy paradox ” reject the fair value exchange framing altogether because it implies consumers have a real option to protect their privacy. In practice, they don’t.

Spotify does not allow users to withdraw their consent for the collection of basic streaming history. Services are designed so that opting out of handing over data means opting out of modern life. Wrapped has normalized “constant tracking of digital footprints consumers leave online,” says Yakov Bart, a marketing researcher at Northeastern University. “…Instead of kind of feeling under surveillance, users (are) basically feeling seen.”

But for smaller, less beloved businesses, now’s not the time to be opaque about how you use customer data. As distrust and suspicion about data collection methods (especially around AI) rises, your customers want more information — not less — about what they’re agreeing to when they hand their personal data over.

Detailed, mandatory data collection isn’t just an ethically-questionable customer-experience issue. It leaves you open to regulatory risk too.

Crossing the privacy line

Wrapped works because Spotify tracks everything you do on the platform: what you listen to, when, how many times, in what sequence, how your behavior changes over the year, which artists you skip, and even the emotional tone inferred from your habits. That is a lot of data.

Collecting, storing, and using that amount of behavioral data is expensive and logistically challenging. It’s also a liability.

Every extraneous bit of data you store — every behavior log, event timestamp, or inferred preference — is more data you could leak in breach. A single incident can cost a small firm over $1 million in regulatory fines under GDPR, incident-response costs, class-action lawsuits, customer churn, mandatory credit monitoring, reputational damage, and months of internal disruption.

Spotify itself is facing a €5 million fine in Sweden for failing to give EU users full transparency about the personal data it processes. That’s why data minimization, collecting only the data you need to deliver the service, matters. It signals credibility.

If you’re collecting more data than you need to deliver your service, that isn’t personalization. It’s surveillance.

For most businesses, the risk simply isn’t worth it.

What should your business do instead?

You don’t need to offer a glossy annual recap that spies on your customers and broadcasts those findings. What you do need to offer is trust.

Here are three principles that privacy-first companies (including Proton) stand by:

Collect the data you genuinely need. Nothing more. Should you track your users’ clicks, location, and heart rate if your business is a calculator app? Almost definitely not.
Ask for explicit, granular consent. Your users shouldn’t be tricked, nudged, or overwhelmed into data sharing. If you can’t explain why you need a data point in one sentence, it’s highly unlikely that you’ll need to collect it.
Treat user data as borrowed, not owned. Privacy-first companies operate on the assumption that customers’ data belongs to them alone. The company is merely its temporary steward. That means, if/when a customer wants to delete their data, they should be able to delete it anytime and still be able to use the service.

A better kind of year-in-review

Most businesses can’t copy Wrapped because they don’t share Spotify’s granular view of consumer data, its brand affection, or cultural impact. Even if you did, it wouldn’t charm your customers — it would alarm them.

Privacy laws are tightening. Public sentiment is shifting. AI-driven data extraction is under increasing scrutiny. As people become more aware of how much of their behavior is quietly tracked and repurposed, they’ll choose services that respect their boundaries.

The good news is: There are ways to provide personalized year-end recaps that adhere to privacy-first principle. For example, Strava’s opt-in activity summaries reflect only the workouts users deliberately record and Duolingo’s clear, time-bounded recap tells learners exactly which data is included.

You also have the option to skip data tracking entirely by offering:

A self-guided “Your year with us” quiz: Let people click through a short interactive quiz that they answer. The result feels personalized, but you never log or store the responses.
A privacy-respecting leaderboard: Highlight the most popular features overall, or the most common workflows your customers rely on.
Customer-powered success stories: Invite users to voluntarily share a win from the year. Turn the best ones into a collage or short reel. No tracking — just opt-in submissions.

If you’re asking, “How do we build our own Wrapped?”, the more relevant question may be: “How do we build trust?”

You won’t just avoid the pitfalls of Wrapped-style surveillance, you’ll help build an internet where data is treated with restraint, where users have autonomy, and where loyalty is earned by usefulness not intrusion.

How to write an email for a job application (with samples)

Edward Komenda — Mon, 08 Dec 2025 19:17:32 GMT

If you’re used to applying to jobs using third-party apps like LinkedIn or Indeed, you’re not alone. According to a report from recruitment tech company Appcast, 67% of job applications were submitted through a smartphone in 2021. While there isn’t an official statistic on how many people use job board apps to find a job, all it takes is a quick scan of any one of these websites to see that people are using them in record numbers.

That begs the question, is anyone still sending job application emails? The answer is yes, and it could actually help you stand out among a sea of applicants.

A well-written job application email can make a special and personable first impression, while many job board applications don’t.

If you’re ready to learn how to write a professional email for a job application, or are looking for job application email samples, you’re in the right place.

In this article, we’ll cover the fundamentals of applying for a job by email, including tips, things to avoid, and three samples you can customize for a job application that’s sure to get you noticed.

How to write an email for a job application and what to include
Tips for writing an effective email for job applications
Sample job application emails for common scenarios
Common job application mistakes and how to avoid them
Tailor your job applications with Proton

How to write an email for a job application — and what to include

There are a few key things you should always write in a job application email. Some of these are common elements you already add in day-to-day correspondence, while others specifically pertain to job application emails. These include:

A clear and concise subject line.
A friendly but professional greeting.
An opening line that mentions the position you’re applying for, and how or where you found the job listing.
The body of your email message, containing a brief summary of your qualifications and any relevant career details.
Attachments, including your resume and cover letter.
A portfolio, especially if asked for.
A proper closing statement with a signature that includes your contact information.

Tips for writing an effective email for job applications

A good job application email can really help you stand out, so being intentional about anything that you add in it is key. Here are a few best practices to keep in mind:

Don’t fall into the trap of submitting the same application for different jobs. Instead, tailor your resume and cover letter for the individual position you’re applying for. That extra bit of effort can go a long way if the hiring manager is used to reading generic emails before they get to yours.
Make sure attachments are appropriately named and formatted. It’s customary to make multiple edits to a resume or cover letter, but make sure you change your title from “Resume Edit Number 12” to something more professional, like “[Your name] – Resume – Company name and position.”
Use spell check to avoid typos and grammatical errors. Those can make an otherwise strong application appear sloppy and even get your email ignored.
Keep your message concise and professional. Your email shouldn’t be so long that it’s a chore to read, and it should have a consistent tone from beginning to end.

Sample job application emails for common scenarios

Here are a few samples you can use for your next job application email, but remember to personalize them and adapt them to the job you’re applying for.

1. Just out of college/entry-level job

Subject line: Application for [job title] – [Your name]

Dear [hiring manager’s name],

My name is [your name] and I’m writing to apply for the [position] at [company name], as advertised on your company’s career page. I recently graduated with a degree in [your degree] from [your university], and I’m excited to contribute my skills to your team.

During my internship at [company name], I worked on [projects like social media, data analysis, etc.] and learned how to work in a team environment and hone my [marketing or other field] skills — things I’m excited to continue full-time. I’ve attached my resume and cover letter for review.

Thank you for considering my application. I look forward to the opportunity to be a part of your team.

Best regards,

[Name]

[Signature with contact information]

2. Applying with a referral

Subject line: Referred by [name] – Application for [title]

Hi [hiring manager’s name],

My name is [your name] and I’m reaching out to express my interest in the [position] at [company]. Your colleague, [referral name], recommended I apply after I expressed interest in [your field].

With years of experience in [your field], I’ve managed [list relevant projects and other ways you’ve led your team in your current career]. At my current company, I led the development of [another project] that [increased sales or another statistic] by [percentage].

I’ve attached my resume and cover letter for your reference. I’m available at the phone number below to discuss how I can add value to your company.

Best regards,

[Name]

[Signature with contact information]

3. Cold email introduction

Subject line: Job inquiry – [Include a brief explanation of your skills here, like, “Freelance marketing consultant”]

Dear [hiring manager’s name],

My name is [your name] and I’m a freelance marketing consultant [or other title]. I’m reaching out as a consultant with [number] years of experience in the [marketing] field. I’ve been admiring the work coming out of [company name], especially with regards to [a recent campaign or launch, or something specific to the company.]

I didn’t see any open careers on your website, but I hope you consider me for any opportunities in the future. I’ve attached my resume and portfolio for your review.

Thank you for your time.

Best regards,

[Name]
[Signature with contact information]
[Link to portfolio]

Common job application mistakes — and how to avoid them

At Proton, we receive a lot of application emails. Here are some of the most common mistakes we see, along with our tips on how to avoid them:

Being too informal. Remember, you’re talking to a possible future employer. Use language that reflects your desire for the job, and always keep it professional.
Using the same email body for different applications. Make sure your message is tailored to the job you’re applying for.
Not being specific. Always include details about specific roles you’ve played in previous careers.
Leaving out results or achievements. Any tangible number that can directly show how you’ve improved or solved a problem for your company is something you should mention.
Forgetting attachments. Don’t forget to add your resume and cover letter.
Not formatting your attachments as PDFs. This format ensures that the hiring manager can read your resume on any device.
Using an unprofessional email address. Use an email address that reflects your professional identity, or, even better, create a custom email domain. (Or, if you apply at Proton, a proton.me email address might be a good idea).
Not proofreading. Make sure you spell check and proofread your email and your attachments before you send. Need assistance? Proton Scribe can help with the tone, format, and spelling of your email.
Repeating yourself. Using the same language in your email that you use in your resume and cover letter can appear lazy. Cross check your attachments to make sure your email sounds like a fresh, new message that’s distinct from your attachments.

Tailor your job applications with Proton

You’ve got the basics on how to write a job application email covered. Now you just have to write it.

Still stuck? Get started using one of our job application email templates above, and then tap Scribe, Proton Mail’s privacy-focused writing assistant, to help you set the tone and improve your first draft.

Built right into Proton’s email composer, Scribe can proofread and shorten your message for the right audience — all without sharing any of your personal data.

Or, if you’d like to do a few iterations, you can use Lumo, our fully encrypted, privacy-first AI assistant.

If you’re ready to apply to the job of your dreams, Proton can help. Sign up for a free email account and experience the many ways Proton’s suite of privacy-forward products can help your professional career today.

Create a free account

Frequently asked questions

Do I have to include a cover letter?

Yes. Unless the job application explicitly states not to include one, you should always include a cover letter and attach it as a PDF in your email.

How long should my job application email be?

Your job application email should be quick and professional — no more than two or three short paragraphs. Remember, the email is just your introduction. Let your resume and cover letter do the talking.

Can I use the same email message for multiple applications?

We’d advise against it. When you customize your emails to the specific job and company, your message can really shine. A personal email shows authenticity, and most hiring managers can tell when you hit copy and paste.

I don’t know the hiring manager’s name — now what?

Try to find the hiring manager’s name on the company website or a similar networking profile like LinkedIn. If you still can’t find it, you can use a general phrase like “Dear hiring manager” or address the company directly.

What file format should I use for my resume and attachments?

PDF is the most professional format, and it’s the least likely to get corrupted across different email servers, devices, and operating systems.

Is it okay to follow up after submitting a job application?

Yes. It’s a good rule to wait about a week before sending a polite follow-up email that restates your interest and inquires about any updates.

ESET Password Manager is shutting down: Here’s how to switch

Kate Menzies — Mon, 08 Dec 2025 16:45:58 GMT

Slovakian cybersecurity company ESET has announced that ESET Password Manager is being discontinued. Sales for the product ended on October 21, 2025, and new subscriptions can no longer be purchased. No replacement app is being developed as the company is opting to end support for some of its older services, such as its parental control app for Android

ESET Password Manager will shut down on October 18, 2027. After that date, the app won’t work anymore and all your stored data will be permanently deleted. In other words, you’ll need to export your passwords and find them a new home before that deadline.

Get Proton Pass

How your ESET Password Manager subscription is affected

Here’s what all of this means for your subscription:

If you activated ESET Password Manager before October 21, 2025, you can keep using it until your current subscription period ends. However, any subscription changes you make after that date (upgrading, downgrading, enlarging, downsizing) will block new activations.
If you have an annual subscription and your first renewal happens before October 18, 2027, you’ll be able to use the tool until the end of your renewed subscription period plus 14 extra days. But if your first renewal is scheduled after October 18, your access will end on that date.
If you have a monthly auto-renewal subscription, the app stopped working for you on December 5, 2025, and you can no longer access it.
If you purchased a subscription but didn’t activate it before October 21, 2025, you won’t be able to anymore, as the feature no longer appears in any ESET product or in ESET HOME.

Choose your new password manager

When you’re ready to move to a new password manager, you can choose one that goes beyond just basic password management. With Proton Pass, you can:

Store as many items as you want, including passwords, identities, credit cards, and encrypted notes.
Securely share vaults containing logins, aliases, notes, and more with anyone.
Attach files (such as ID scans or receipts) to items in your vault and share them securely, keeping everything you need organized in one place.
Use hide-my-email aliases to sign up for online services without exposing your real email address, helping you protect your privacy and avoid spam.
Enable two-factor authentication (2FA) for all your saved accounts with an integrated 2FA authenticator.
Protect yourself from data breaches with Dark Web Monitoring, which alerts you if your personal data was leaked.
Create and store passkeys for faster logging in and stronger security than passwords.

End-to-end encryption protects everything you store in Proton Pass — the same encryption used across all Proton apps. Plus, our password manager is open source and has been independently investigated by third-party security experts, so anyone can verify its security model. You can use it as a web app, through browser extensions, and by downloading the dedicated apps for Windows, macOS, Linux, Android, and iOS.

For teams affected by ESET Password Manager’s discontinuation, Proton also offers Pass for Business — a secure, end-to-end encrypted password manager built for organizations of all sizes. It makes it easy to deploy password management across your team, share logins safely, enforce security policies, and monitor activity with detailed reporting.

Create a free account Get Pass for Business

How to switch to Proton Pass

Moving all of your passwords from ESET Password Manager to Proton Pass is simple:

In ESET Password Manager, go to Settings → Export data.
Choose an export option and type your master password.
Select Export Data.
Create a Proton Pass account or log into your existing account.
Import your data into Proton Pass.
Delete the file you exported from ESET Password Manager.

Once you’ve imported all of your data, you’re ready to start using Proton Pass.

If you’re ready to put your online privacy first, Proton offers a fully encrypted ecosystem of apps, including password manager, authenticator, email, cloud storage, docs, sheets, VPN, and a private AI chatbot.

Introducing Proton Sheets: Protect the data that drives your business

Anant Vijay Singh — Thu, 04 Dec 2025 11:45:44 GMT

Spreadsheets are the backbone of modern businesses, used to plan budgets, manage inventory, supervise members, and organize proprietary data. This is why Excel and Google Sheets are everywhere, but organizations are increasingly concerned that these tools leave their internal data exposed to surveillance, tracking, and AI training.

That’s why we’re introducing Proton Sheets in Proton Drive, our easy-to-use spreadsheet that lets your team collaborate while keeping control of your data. Proton Sheets is protected by end-to-end encryption, ensuring that no one else, not even Proton, can access your spreadsheet and the information it contains. Whether you’re tracking your home budget or managing a multi-team project, Sheets can help you get the job done. Use built-in formulas to perform analysis, turn raw data into easily understood charts, and collaborate with remote teams knowing your information is safe.

With the addition of Proton Sheets, Proton Drive now offers a clear alternative to Google Drive. You get the same, easy-to-use, collaborative tools you need to get work down, only we offer privacy by default.

Anyone with a Proton Drive account can use Proton Sheets for free.

Once you’re signed in, go to drive.proton.me, click New in the top left, and select New sheet to get started.

See what Proton Sheets can do for your organization

Your spreadsheets shouldn’t leak your strategy

It’s nearly impossible to run an efficient business today without tracking metrics or project statuses, which means using spreadsheets. However, if someone gains access to those files, they get a window into the inner workings of your organization.

Most people use spreadsheets built by Big Tech, companies whose business model relies upon monetizing your data. Big Tech may even be a current or future competitor. They design their products to give them access to your information. For example, Google has embedded its AI tool, Gemini, into Sheets. While it looks like a helpful data assistant, Google’s own support page warns you not to share anything confidential with Gemini since it could be read by reviewers or used to improve its AI. Google makes it hard to know exactly how small businesses’ data will be treated, but it defaults personal data into AI training. It has also left the door open to using companies data to train its AI if they give permission. And since most Big Tech companies are based in the US, they’re subject to weak data protection laws, opening the door to warrantless surveillance.

Your business, your data, and your customers’ data deserve better.

Proton Sheets: Productivity meets privacy

With Sheets, you can easily and securely handle all your business’s essential records and data. It’s the private-by-default alternative to Excel and Google Sheets with end-to-end encryption built in at no extra cost, meaning everything you enter, including metadata like filenames, is secure, private, and can only be accessed with your permission.

Like all Proton services, Sheets is protected by Switzerland’s strict data privacy laws.

If you’ve used a spreadsheet before, Proton Sheets’ intuitive interface will be immediately familiar. It encrypts everything automatically, letting you focus on organizing and managing the data that matters. Whether you’re overseeing logistics, planning projects, or calculating budgets, Sheets makes it simple.

You can use Proton Sheets to:

Visualize data
Turn numbers into charts and graphs for instant insights.
Perform calculations
Use the built-in formulas you need and expect for day-to-day calculations.
Collaborate in real time
Edit sheets together and see updates as they happen.
Work from anywhere
Access Sheets securely on any device.
Stay in control
Manage who can view or edit your spreadsheet. You can revoke access anytime.
Import and export your spreadsheets
Quickly import your existing CSV or XLS files to protect your data with end-to-end encryption or export your files so you can always take your projects with you.

The productivity suite that puts you in control

No one should need to expose their data to use a service. After Proton Docs, a spreadsheet tool was the next piece of the puzzle for a secure workspace. You can now protect your entire workspace, from your email to your calendar, your documents to your spreadsheets. No surveillance. No data harvesting. Just end-to-end encrypted tools built for how you work.

Cyberattacks are becoming more prevalent and sophisticated each year. Proton Sheets offers advanced protection for your data and helps you demonstrate to partners and clients that you take cybersecurity seriously. Small businesses can use Proton Sheets to protect sensitive data, like customers’ addresses and records. Consultants can use Sheets to securely collaborate with external partners. And journalists, NGOs, and entrepreneurs can use Sheets to manage their data, projects, and logistics without fear that Big Tech will scan their work or train AI assistants with it.

All Proton tools are secure by default and productive by design. Organize the data that matters, collaborate across teams, and keep your organization running smoothly with an easy-to-use, secure spreadsheet tool.

Switch to Proton Sheets today

Remote work policy guide: Secure templates and best practices

Ben Wolford — Thu, 04 Dec 2025 10:32:04 GMT

Whether your business is fully remote or hybrid, you’ll need a solid remote work policy that protects sensitive data. That means defining who’s eligible for remote work, setting out communication rules, and putting safeguards in place to mitigate threats specific to geographically distributed teams.

This article looks at the best practices for a successful remote work policy.

What is a remote work policy?
Does your company need a work-from-home policy?
Core elements of a remote work policy
Remote work policy examples
Remote work policy templates you can use now
Best practices for rolling it out successfully
Frequently asked questions

What is a remote work policy?

A remote work or work-from-home (WFH) policy is a formal document that defines the rules for anyone who works outside the company’s physical office. It can apply to employees, consultants, contractors, and anyone with access to your organization’s internal systems or proprietary data.

Does your company need a work-from-home policy?

There are plenty of great reasons to embrace a remote working culture. One of the most notable is expanded recruitment opportunities. Top employees will expect flexibility, and companies that offer it can access a global talent pool.

Remote or hybrid work can also bring a substantial boost in productivity and accountability. Giving staff the freedom to work from home can raise efficiency and increase employee retention. For many organizations, it also lowers overheads — less office space can mean significant savings on rent and utilities.

But remote work is not without risk. Businesses operating over international borders have to juggle multiple tax and labor laws. Additionally, there is a significant increase in exposure to information security risks.

That said, a sturdy remote work policy will help meet any HR and legal obligations. And a policy that requires a company-approved VPN for remote work, strong passwords, and two-factor authentication (2FA) will reduce vulnerabilities.

Essential components for a remote work policy

A remote working policy should cover these key areas to protect both the business and the employee.

Eligibility: Define remote and hybrid roles
Working hours: Set online expectations
Communication: Document clear response times
Equipment and expenses: Explain what the company will provide
Security requirements: Enforce VPN use and proper device management
Performance tracking: Have clear success metrics
Stay compliant: Cover international labor and tax laws

1. WFH eligibility

Some roles demand an on-site presence (receptionists, plumbers, doctors), and remote working is unfeasible. For others, physical location is not essential. A remote working policy should spell out which jobs qualify, any stipulations, and how many WFH days the company allows.

Example: Eligible employees are full-time staff who have passed probation and whose duties are unhindered by not being in the office.

Tip: Make it clear who cannot apply for remote work. For example, people who have regular face-to-face client contact.

2. Work hours and availability

Remote work can blur the line between home and office. Set expectations up front. Do you want fixed hours, or is flexibility part of the deal? If your team spans multiple time zones, set overlap windows when everyone should be available.

Example: Staff must be online from 10 AM to 3 PM CET, with flexible working outside these hours.

Tip: Global teams may benefit from daily or weekly updates rather than round-the-clock monitoring.

3. Communication protocols

A remote work policy must explicitly state which software employees should use to communicate with colleagues (email, Slack, Jira), and any that are not allowed.

Set clear expectations for response times to help manage stress and avoid an unsustainable always-online culture.

Example: Employees must reply to Slack messages within 30 minutes during working hours.

Tip: Define which channels are for urgent issues and which are for routine updates. That way, teams know where to focus their attention first.

4. Equipment, expenses, and IT support

A remote work policy should cover what the company provides and what employees are responsible for providing themselves. Include hardware, software, and support. Address any (or lack of) expense reimbursements for internet, phone bills, or home office equipment.

Example: The company will provide a laptop and monitor. Employees will receive $15/month to offset internet costs.

Tip: Create a clear bring-your-own-device (BYOD) policy. Without clear security and support policies, personal devices can quickly become a liability.

5. Security and data protection

Remote work exposes companies to new cyber risks, but a clear policy can reduce them. It should include:

Company-approved hardware and software: Employees should use devices and apps recommended by IT to ensure security and compatibility.
Mandatory two-factor authentication: All workplace accounts must have 2FA enabled, for example via an authenticator app.
Home network security: Employees should change default router passwords and enable WPA2 encryption.
Enforced VPN use: All remote connections must use a business VPN with always-on and kill switch features enabled.
Controlled server access: Access should be limited to the resources each role requires.
Encrypted conferencing tools: Remote meetings should use platforms with end-to-end encryption.
Secure communication channels: Business messaging and email should run on end-to-end encrypted services such as Signal and Proton Mail.

Learn more about securing your remote workforce

Tip: Don’t underestimate security. A single breach could cost far more than the total cost of all other items in your remote work policy combined.

6. Performance measurement

Fairly measuring success is critical when people aren’t in the office.

Define how the company will track performance, whether it’s KPIs, regular reporting, or project milestones. Make it clear that results matter more than hours on the clock.

Example: Remote employees must meet agreed project deadlines and provide a weekly update to their manager.

Tip: Avoid surveillance-heavy monitoring tools. They may damage trust and morale, and usually don’t improve productivity.

7. Compliance, liability, and health and safety

Remote doesn’t mean exempt. A remote work policy must cover labor laws, tax obligations, and health and safety requirements. In case of non-compliance issues, define how the company will handle any liability concerns.

Example: Employees must ensure a safe workspace and report any incidents to HR within 24 hours.

Tip: Involve HR, legal, and IT when drafting this section. It reduces the risk of overlooking obligations that could cause problems later.

Remote work policy examples

Companies generally approach remote work in one of three ways.

On-site

Best suited to regulated industries where compliance and rigid control are critical.

Fixed 9 AM to 5 PM hours
Limited WFH flexibility
Heavy equipment monitoring

Hybrid or flexible

For companies that need in-person collaboration, but also want to support a healthy employee work-life balance.

Employees can split time between home and office
Core hours with flexible start and end times
Emphasis on strong communication and reporting

Fully remote or asynchronous

Best for globally distributed teams that prioritize productivity and success over physical attendance.

Teams work across multiple time zones
The company judges people on outcomes, not hours
Effective work does not require physical meetings

Remote work policy templates

These cover the most important tenets of remote working policies. Copy and adapt these templates to suit your business needs and remote work policy.

Template 1: Basic remote work policy

Purpose: Provide general guidelines for employees working remotely.

Eligibility: Employees who have completed [X months] of probation may apply to work remotely. A line manager must approve requests. Roles that require daily face-to-face client interaction or physical presence are not eligible.

Work hours: Employees must maintain contracted hours and be available during [core hours]. Flexibility is allowed outside these times if agreed in advance.

Communication: Employees are expected to remain accessible via [Slack/Email/Phone] during working hours and attend all scheduled meetings. Urgent matters should be communicated via [preferred channel].

Equipment: The company will provide a [laptop/monitor]. Employees must provide a stable internet connection and a safe workspace that allows them to perform their duties without disruption.

Security: Employees must connect to company systems using Proton VPN and enable the always-on and kill switch features. Two-factor authentication is required on all workplace accounts, and devices must have screen locks enabled.

Review: [Business] will review this policy every six months and may adjust guidelines based on feedback and evolving needs.

Template 2: Hybrid work policy

Purpose: Support flexible work arrangements while ensuring productivity and security.

Schedule: Employees may work remotely up to [X days per week], subject to manager approval. Employees are expected to attend the office on designated collaboration days.

Workspace: Employees must maintain a distraction-free environment with a reliable internet connection. Home offices should meet [business’s] health and safety standards.

On-site work: When visiting the office, employees should reserve desks using the [reservation system] to prevent over-capacity.

Communication: Employees must attend all required team meetings via video conference or in person. Daily or weekly check-ins are expected to keep teams aligned.

Expenses: The company reimburses [$X/month] for internet and phone use related to remote work. Additional expenses must be approved in advance.

Security: To protect company systems and data, employees must:

Use company-approved antivirus software with automatic updates enabled.
Connect through Proton VPN with always-on and kill switch features enabled.
Enable two-factor authentication on all company systems.
Change default router passwords and use WPA2 or stronger WiFi encryption at home.
Report any lost or stolen devices immediately.

Template 3: Security-first remote work policy

Purpose: Protect sensitive company data while enabling remote work.

Eligibility: Only roles approved by HR, IT, and Legal may work remotely under this policy.

Security requirements: To protect company systems and data, employees must:

Only work on company-issued and encrypted devices.
Keep non-essential applications off work devices.
Lock device screens with strong passwords whenever unattended.
Turn off Bluetooth when it is not actively required for work.
Connect through Proton VPN with always-on and kill switch features enabled.
Enable two-factor authentication on all accounts and use a company-approved password manager (such as Proton Pass).
Use strong, unique passwords (minimum 16 characters) for every account.
Keep all devices and applications updated automatically, with full-disk encryption active.
Change default router passwords and secure home WiFi with WPA2 or stronger encryption.
Access only the internal servers and resources assigned to their role.
Use encrypted platforms with password protection for group calls and video conferences.
Use approved encrypted apps, such as Signal for messaging and Proton Mail for email, with expiration dates set for sensitive communications.
Avoid sending sensitive information through unapproved applications.
Ensure no sensitive material is visible during video conferences or screen sharing.
Stay alert for phishing and social engineering attempts; do not click suspicious links or attachments.
Report any lost, stolen, or compromised devices to IT immediately.

Compliance: Employees must adhere to [GDPR/CCPA/other relevant regulations] and all company data-handling policies.

Audits: IT will audit remote devices every [X weeks]. Non-compliant devices may be suspended from company systems until issues are resolved.

Violations: Breaches of this policy may result in disciplinary action, up to and including termination of employment.

Remote work guidelines

Once you’ve drafted a remote work policy, the next challenge is getting it to work in practice.

Rolling it out across an organization will take careful planning, communication, and patience.

Try the following to make the transition smoother:

Get cross-departmental input: Involve HR, IT, Legal, and management from the start.
Train employees: Make sure everyone understands remote work expectations.
Gather feedback: Ask employees and managers what’s working and what’s not.
Have a trial run: Select a small group to test the new remote work policy.
Reinforce the guidelines: Managers should make sure everyone follows the remote policy.

Remote work policy FAQs

What should a remote work policy include?

A remote work policy is the blueprint for how your team functions outside the office walls. The essentials are eligibility, working hours, communication standards, and security protocols. Those four areas set expectations and remove confusion.

How do I create a successful work-from-home policy?

Start by asking why you’re offering remote work in the first place. Is it about flexibility, talent attraction, cost savings, or all of the above? Once your objectives are defined, build the structure around them. Set clear eligibility rules, expected hours, communication channels, equipment requirements, and expense rules.

Do I need a VPN for remote work?

Yes, a business VPN offers several benefits for remote or hybrid businesses. For operational security, VPNs allow organizations to restrict access to internal resources using static IPs and dedicated servers. Proton VPN also protects against trackers and malware. For business privacy, a VPN prevents third-parties from seeing workers’ browsing activity and masks their IP address.

OpenAI data breach exposed API user information — here’s how to protect your data

Elena Constantinescu — Thu, 27 Nov 2025 18:02:54 GMT

Hackers breached an OpenAI vendor and stole sensitive information about business customers on November 26, 2025, including names, emails, locations, and technical details about the customers’ systems.

If you use ChatGPT for everyday tasks, like writing, brainstorming, or asking questions, OpenAI says your chats were not part of this breach. Still, the incident raises concerns — especially for businesses and developers who rely on OpenAI’s API services — about how third-party tools can expose user data, even when the core service isn’t directly affected.

Here’s what happened and what’s at risk.

What was exposed in the OpenAI data breach

On November 9, Mixpanel discovered that attackers gained unauthorized access to a dataset that included user-identifying and analytics information:

Names and email addresses associated with API accounts
Approximate location based on the API user browser, such as city, state, and country
Browser and operating system details
Referring websites
Organization or User IDs associated with API accounts

OpenAI has suspended its relationship with Mixpanel and initiated broader security reviews across its vendor ecosystem. At the same time, the maker of ChatGPT clarified that its core systems were not breached, so no chat data, API content, passwords, API keys, payment information, or sensitive credentials were compromised.

How to protect your data

Despite this reassurance, even limited metadata can be dangerous in the wrong hands. Information like your name, email address, and location can be enough to launch phishing campaigns or social engineering attacks that trick you into giving away access to more sensitive accounts.

If you were affected (OpenAI says all impacted users were notified), you should treat this like any other breach involving personal information: Act quickly to protect your online identity.

Here are some steps you can take right now:

Change your passwords, especially if you reused the same password on other sites.
Turn on two-factor authentication (2FA) on all your accounts to add an extra layer of security.
Be cautious with unexpected emails or messages, especially those that claim to be associated with OpenAI or which ask you to click a link or reset a password.
Use Dark web monitoring to check if your personal data has been leaked or sold online.

Switch to a private AI that doesn’t expose your data

AI tools like ChatGPT are not built with your privacy in mind. If you or your organization uses ChatGPT, your personal or business data are at risk. Your sensitive information, prompts, metadata, and usage patterns can be stored, analyzed, or shared with third parties you’ve never heard of and may have no reason to trust — like in OpenAI’s case.

This is why Proton’s private AI assistant, Lumo, offers a fundamentally safer alternative for everyday professional and personal workflows, especially when sensitive information is involved.

You can use Lumo to:

Write, summarize, and analyze sensitive documents
Handle internal business information or strategy
Brainstorm and research
Get AI assistance for personal use

Unlike Big Tech AI tools like ChatGPT, Gemini, or Copilot, Lumo is designed to keep you safe, meaning:

Your conversations are never used to train AI models.
No data is retained beyond the basic account information needed to operate the service.
Your activity is not tracked, monetized, or shared with anyone.
Sensitive conversations stay private by design.

Use Lumo Get Lumo for Business

Proton protects your privacy

The more companies rely on third-party tools and affiliate partnerships, the more opportunities there are for your data to leak. While Big Tech uses your personal data to train AI models, optimize their algorithms, and drive advertising revenue, we take a different approach.

At Proton, we don’t share your data with third parties, sell it, use affiliate networks, or show ads. When you join our end-to-end encrypted ecosystem, you stay in control of your information — whether it’s your email, calendar, passwords, cloud files, online activity, or AI conversations.

How to shop online privately this holiday season

Kate Menzies — Thu, 27 Nov 2025 15:39:02 GMT

It’s that time of year when we’re all looking for deals online.

Black Friday promotions are everywhere and Christmas is fast approaching, so online shopping is often the most convenient way to make the most of the festive period. Online shopping, however,can present some serious privacy risks: Online scams are proliferating, and your personal data is more valuable to marketers and cybercriminals than ever.

Here’s how you can make the most of the sales without compromising on your safety and privacy.

Be wary of services offering discounts

Retail brands often offer discount codes for first-time shoppers, seasonal events, and multiple-purchase orders. Shopping around to find discount codes is a common practice and can sometimes result in saving money. But these services don’t necessarily have your savings in mind. They’re after something more valuable to them.

Honey, for example, is a browser extension owned by PayPal that claims to find and apply all available offers and discounts to your basket when you’re online shopping. The extension has been promoted heavily by affiliates, including Mr Beast, and claims to offer discounts for more than 30,000 stores.

An investigation from YouTuber MegaLag, however, revealed that the extension was actually hiding discounts from shoppers and manipulating tracker cookies in the purchase process in order to capture affiliate money from influencers. Not only will you not save money when you use Honey to find discounts, the person or platform recommending the product you’re buying could also lose out on their referral fee.

There are even larger risks when it comes to voucher sites. Voucher sites may seem like a harmless way to get a good deal, but they can make it easy for cybercriminals to phish you for your personal information and bank details. By creating a spoofed site with a discount code you can use to make a purchase, it’s easy for criminals to harvest data in order to sell your data and potentially commit identity theft.

Essential tips when looking for discounts

Look for legitimate offers on the brand or seller’s verified social media account.
Sign up for the brand’s mailing list using an alias to get a first-time shopper discount code.
If you’re still using a voucher site, check the URL closely to make sure nothing is misspelled and that there’s a lock symbol (HTTPS) in your browser bar to prove that the website is secure.

Use aliases to hide your email address when shopping online

When you sign up for a shopping account with your email address, retailers can create an accurate profile of you and your online habits. That’s because your email address is tied to just about everything you do online, from online banking to accessing government services to socializing on forums to shopping online.

Your email address is equivalent to your passport in terms of your digital identity, and it can be used to scam you and even commit fraud.

An alias acts like a shield for your email address, hiding it from the website or service you’re signing up for while allowing you to receive emails to your personal inbox, such as shipping updates about your purchase. But the retailer won’t have your personal email address, so it can’t share or sell it to a third party — because email aliases are anonymous.

In order to safely shop online, we recommend using hide-my-email aliases when you create online accounts. Email aliases also help you evade spam and dynamic pricing — one of the more pernicious aspects of shopping online. Dynamic pricing is a method that businesses use to adjust the pricing of products based on demand and availability, and also by what you’re doing online and your browser history.

If a company can see that you’re comparing products across multiple sites, its dynamic pricing algorithm may increase the price to match up with its competitors. Prices can also vary at different times of day or in different locations, making it difficult to know the true price of an item. An email alias can help you evade dynamic pricing by hiding your email address from retailers, preventing them from creating a profile of you and tracking your behavior.

When each of your online accounts has its own unique email alias, you’ll be able to tell if a retailer has sold your information. For example, if you start receiving spam on your email account forwarded by youracme.shopping123@passmail.net alias, and that alias was only ever given to AcmeWebsite, you can confidently identify them (or their partners) as the source of the data leak. You can then delete that alias to stop the spam without putting your real email and associated information at risk.

Email aliases might sound complicated, but it’s easy to create one with the right tools. You don’t need any technical know-how, and you can manage and delete email aliases just as easily.

Essential tips for using aliases to shop privately

When creating a new online account, create a new alias specifically for that account.
If you start receiving spam via your specific email alias, simply delete it and create a new one.
You can use Proton Pass — our encrypted password manager — to create, manage, and delete aliases safely across all your devices.
Buy directly from sellers whenever you can, as third-party resellers are less reliable and more prone to scams.

Protect your personal data with a VPN

A v irtual p rivate n etwork (VPN) is one of your most useful tools when it comes to online shopping. It’s an easy-to-use tool that protects your privacy by encrypting your internet connection and limiting who can see your online activity and personal data.

Here’s what a VPN does:

Helps you access websites that may be geoblocked in your location by allowing you to connect to servers in different locations around the world.
Protects you if you’re browsing the internet on an insecure WiFi connection, such as in a coffee shop or at an airport. By encrypting your online activity, hackers can’t intercept sensitive information like your login credentials or credit card data while you shop.
Reduces price discrimination and tracking by masking your IP address. This makes it harder for retailers, advertisers, and data brokers to profile you based on your browsing habits or location.

Hiding your IP address prevents eCommerce platforms from collecting and selling your data to third party data brokers. Data brokers collect personal information such as your name, email address, browsing habits, and even sensitive health data in order to sell it to marketers and sometimes criminals. By protecting your privacy with a VPN, you’re ensuring that you can use the internet and shop privately.

A VPN also helps you avoid dynamic pricing by hiding your browsing history, your location, and the device you’re browsing on. Without being able to see where else you’re shopping around, retail platforms aren’t able to adjust their prices to reflect your behavior.

Essential tips when using a VPN for online shopping

Connect to different VPN servers to prevent shopping sites from tracking you while browsing, and compare prices across multiple retailers.
Clear your cookies and internet history regularly to limit how much data retailers can store about your behavior.
Use Incognito or Private Browsing mode to reduce session-based tracking.
Log out of your accounts when casually browsing to avoid personalization based on past activity.
Be cautious when clicking on ads or pop-ups, as they may lead to phishing or unsafe sites. Proton VPN protects you from ads and malware on all VPN servers using an ad blocker.

GrapheneOS leaves France over encryption backdoor concerns

Elena Constantinescu — Wed, 26 Nov 2025 20:08:46 GMT

GrapheneOS is leaving France over security and legal concerns, including government pressure for an encryption backdoor. Here’s what happened and why it matters.

What happened with GrapheneOS in France?

On November 24, 2025, GrapheneOS announced on X it has removed all active servers from France and is in the process of ending its relationship with hosting provider OVHcloud. “France isn’t a safe country for open source privacy projects,” the team said, pointing to what it describes as the expectations of French authorities for encryption backdoors.

This decision arrives as France becomes one of the most vocal supporters of proposed EU Chat Control legislation, which aims to force online platforms and messaging services to automatically scan private chats, images, and media for child-sexual-abuse material (CSAM) and grooming content. In March, the French National Assembly rejected a proposal that would have required secure communication services like Signal to weaken or remove their end-to-end encryption.

End-to-end encryption (E2EE) means that only the sender and recipient can read the contents of a message — not the service provider or other third parties, including government authorities or cybercriminals.

Beyond encryption backdoors, there are growing questions whether French company OVHcloud can guarantee data sovereignty. A Canadian court attempted to force the company to hand over customer data stored on European servers by using its Canadian subsidiary — effectively bypassing the usual legal channels between governments.

What is GrapheneOS and why do people use it?

GrapheneOS is a nonprofit, open-source, and Android-based operating system used by many people seeking better privacy, security, and control. Here are some of the reasons why people prefer it to Google’s Android:

No background data collection, built-in Google tracking or telemetry. This means your device doesn’t send usage data, diagnostics, or behavioral information to Google or its partners.
Disabled Advertising ID by default. Advertising ID is a unique identifier assigned to your device by Android that lets marketers track you for targeted ads.
No bloatware, such as manufacturer or carrier-installed apps.
No forced apps you can’t uninstall, such as Google Assistant or Gemini.
No Google lock-in prompts, such as persistent notifications encouraging Google services. You can also use GrapheneOS without an Google account.
No default cloud integration such as automatic Google Photos backup.
Advanced privacy permission controls, such as better protection against zero-day exploits.
Stricter security rules controlling how apps behave, such as sandboxing that prevents apps from accessing other apps’ data or system resources without explicit permission.

Why encryption backdoors are dangerous

GrapheneOS protects mobile devices using full-disk encryption to secure all data, including metadata like file names and timestamps. An encryption backdoor would mean adding a secret method that law enforcement could use to unlock encrypted data without your consent, PIN, or face.

The problem with an encryption backdoor is that, once it exists, it can be discovered, misused, or exploited by anyone who finds it, including cybercriminals. This puts everyone at risk, not just people targeted by an investigation, which is why privacy advocates consistently oppose it.

Why GrapheneOS says a backdoor is technically impossible

According to GrapheneOS, recent public comments and internal memos circulating among French law enforcement included warnings to treat Google Pixel devices as “highly suspicious” and what the project characterizes as misinformation about GrapheneOS.

GrapheneOS explains that, even if it wanted to, introducing an encryption backdoor is technically impossible due to the phone’s hardware secure element, which enforces a strict chain of trust. Only properly signed firmware is permitted to run, and any unauthorized modification would cause the device to fail verification. In addition, hardware-enforced protections limit the number of unlock attempts and introduce delays between them, preventing brute-force attacks.

GrapheneOS is not alone in refusing to create encryption backdoors

Major tech companies have also faced pressure to weaken encryption and have refused. Here are a couple of recent examples:

In 2023, when the UK was advancing the Online Safety Bill, Signal said that it would rather shut down its service in a jurisdiction that betrays the trust of its users than comply with a law that would introduce backdoors or surveillance-enabling features.
In 2025, the UK government effectively forced Apple to choose between creating an encryption backdoor and removing end-to-end encryption for certain services. Apple opted to withdraw Advanced Data Protection (ADP) — a feature that extends end-to-end encryption to several iCloud services, including backups, photos, notes, and files — rather than compromise its security model. Apple later filed a legal challenge against the UK government’s demand.

When governments weaken privacy, you pay the price

France’s stance against privacy-first companies and open-source projects sends a broader message: operate here and give us access to your data, or leave.

When secure platforms like GrapheneOS choose to stand strong with their security principles intact and pull their infrastructure out of the country, the very people they serve ultimately lose access to the tools designed to protect them from data breaches, identity theft, and state censorship.

At Proton, strong encryption and online privacy are foundational to our mission. We wouldn’t be able to provide our community secure email, V P N, cloud storage, or password management without them.

AI license plate reader tech is an Orwellian nightmare

Douglas Crawford — Wed, 26 Nov 2025 17:17:17 GMT

Automated License‑Plate Reader (ALPR) systems have become a routine sight on roads across the United States. These can perform valuable functions, including parking enforcement, speed trap verification, identifying stolen vehicles, responding to Amber Alerts, and more.

Always a concern for privacy activists, a new generation of license plate reader camera systems marketed by companies such as Flock Safety are causing particular alarm. Unlike traditional license-plate readers, such as those from Motorola Solutions, these new systems are both AI-driven and connected to a centralized database that can be accessed by local and federal law enforcement agencies with little oversight.

Instead of police searching for license plates linked to specific crimes, these AI-driven systems can examine millions of license plates to analyze the behavior of every car caught on camera. With this information, they can identify “suspicious” travel patterns, such as driving patterns that may be associated with drug trafficking activity.

People are being routinely identified as suspects and subjected to vehicle stops based on uncorroborated evidence that US constitutional law experts say fails to meet the “probable cause” standards required by the Fourth Amendment. These centralized and increasingly ubiquitous AI-driven ALPR systems constitute a mass dragnet-surveillance system that poses a direct threat to the privacy and freedom of everyone in the US.

A nationwide surveillance network

Flock Safety alone deploys over 40,000 LPR camera systems (many likely illegally), and is used by 5,000+ law enforcement agencies in over 4,000 cities across 49 states.

There are fewer than 300 million registered vehicles in the US, but Flock processes 20+ billion license plate scans per month, creating a detailed location tracking record. These scans are sent to a centralized database, where law enforcement agencies from across the country can view drivers’ license plate numbers, locations and directions, and the times of recording without any need for warrants. Between December 2024 and October 2025, 3,900 agencies logged some 12 billion searches through the Flock network.

But it’s not just about direct targeted searches. Those billions of untargeted license plate scans are analyzed by sophisticated AI software and combined with other details about a vehicle such as make, car, and model number (but not facial scans) to create unique “fingerprints” that can accurately track your car journeys. This means anyone who cares to look can easily gain a detailed insight into your daily activities.

And if the AI software algorithm deems your vehicular activity to be suspicious in any way, law enforcement agencies are increasingly likely to use that information to stop and search your vehicle, often citing spurious evidence to bypass the Fourth Amendment’s prohibition against unreasonable searches and seizures.

No oversight or accountability

Flock and similar companies act as private contractors for local law enforcement agencies, which have much looser transparency and legal requirements than federal authorities do. As private customers, local law enforcement officers are actively encouraged to collaborate with other local enforcement customers as a “smarter way” to combat crime.

This cozy atmosphere of casual collaboration that Flock fully encourages also makes it easy for authorities to bypass local privacy regulations and severely reduces the accountability of officers who flout those regulations.

Officers further routinely evade legal restrictions on Flock searches by deliberately misframing the reasons for the search. For example, a sheriff’s office in Texas searched data from more than 83,000 Flock cameras to track down a woman they suspected of self-managing an abortion — which turned out to be wrong. To justify this search, they claimed they were searching for “a missing person” and that “it was about her safety”.

That local authorities know how sensitive this license plate reader camera data can be is amply illustrated by a recent court case in which the city of Washington fought tooth-and-nail to prevent public access to Flock camera images — it failed.

Evidence also shows that local police forces are more than happy to informally share this information with federal authorities such as the FBI and ICE, allowing these agencies to sidestep their legal and constitutional obligations.

Evidence of APLR AI profiling

Although police forces across the country deny using such AI-generated ALPR tip-offs to initiate vehicle stops (often citing spurious evidence to bypass the Fourth Amendment’s “probable cause” requirement), there is mounting evidence of this becoming routine procedure:

Federal Border Patrol predictive program flagged vehicles that were stopped and searched

An AP investigation reported that a “predictive intelligence” program run by the United States Border Patrol resulted in people being stopped, searched, and in some cases arrested.

Local police departments receive ALPR alerts and make vehicle stops

CBS News documented multiple cases where LPR camera matches wrongly triggered police stops due to misread characters or faulty database matches, resulting in innocent motorists being pulled over at gunpoint.

Flock’s ALPR logs show searches tied to immigration and protests

Analyses of Flock Safety search logs show dozens of searches connected to immigration enforcement and to protests and activist activity.

Investigators are using AI to obtain automated information

A US Department of Justice (DOJ) report describes how AI is used in law-enforcement surveillance, cautioning against discrimination in automated systems. it specifically mentions ALPR as an increasingly common way to obtain automated information used in investigations.

A new wake-up call for privacy

Like all new technologies, AI is double-edged sword. Its potential for solving many of humanity’s most intractable problems is huge, but so too is its potential for harm. Describing the telescreen that allowed Big Brother to access the most intimate spaces in every every household in his seminal novel 1984, George Orwell wrote:

“How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live — did live, from habit that became instinct in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized”.

The combination of AI and ubiquitous always-on surveillance systems that can track our every movement far exceeds Orwell’s even most dystopian visions. Recent news that Flock is partnering with Ring — the world’s most popular smart doorbell manufacturer — demonstrates just how ubiquitous and invasive this form of tracking already is.

Proton was founded in 2013 as a response to Edward Snowden’s revelations about the extent and reach of the US and its 5-Eyes partners‘ dragnet program to spy on just about everyone, including US citizens. But rather than providing a wake-up call for an open debate about public consent for mass surveillance, governments around the world (very much including that of the US) have since doubled-down on the practice.

The fact that invasive AI-backed ALPR systems such as those from Flock are privately owned is not a barrier to government agencies abusing them. On the contrary, the arm’s length relationship enables them to bypass the legal and constitutional safeguards specifically intended to protect ordinary citizens from government overreach.