Proton Mail Suspended Journalist Accounts at Request of Cybersecurity Agency

Last month, a shocking move by Proton Mail, the company behind the popular email service, left many journalists and media outlets reeling. The company disabled email accounts belonging to reporters working on an explosive investigation into security breaches of South Korean government computer systems following a complaint from an unspecified cybersecurity agency. While Proton's actions may have seemed like a simple case of account suspension, the story behind it reveals a complex web of national security concerns and journalistic ethics.

Proton Mail describes itself as a "neutral and safe haven for your personal data, committed to defending your freedom." However, when faced with a complaint from a cybersecurity agency, the company took swift action to shut down the accounts of two journalists, Saber and cyb0rg, who were working on an article about a sophisticated hacking operation that had compromised several South Korean government networks.

The investigation, published in the August issue of Phrack, revealed that the hackers had exploited vulnerabilities in the systems of the Ministry of Foreign Affairs and the military's Defense Counterintelligence Command. The story suggested that the attack was consistent with the work of Kimsuky, a notorious North Korean state-backed Advanced Persistent Threat (APT) sanctioned by the U.S. Treasury Department in 2023.

But why did Proton Mail take such drastic action? And how did they decide to suspend the accounts without proper communication or consultation with the journalists involved?

Martin Shelton, deputy director of digital security at the Freedom of the Press Foundation, highlighted that numerous newsrooms use Proton's services as alternatives to Gmail specifically to avoid situations like this. "While it's good to see that Proton is reconsidering account suspensions, journalists are among the users who need these and similar tools most," he noted.

Shelton also pointed out that perhaps Proton should prioritize responding to journalists about account suspensions privately, rather than when they go viral. This would help to prevent situations like this from escalating into public controversies.

The backlash against Proton Mail was swift and vocal. The company initially claimed that they did not knowingly block journalists' email accounts and that the situation had been "blown out of proportion." However, as the story unfolded, it became clear that something more complex had occurred.

On Reddit, Proton's official account stated that they were committed to protecting their users' privacy and security. However, many in the journalism community remain skeptical about the company's actions and motivations.

A Cautionary Tale for Journalists

The story of Proton Mail's suspension of journalist accounts serves as a cautionary tale for journalists working on national security stories. It highlights the importance of responsible disclosure, cybersecurity best practices, and clear communication between journalists and their service providers.

As one journalist noted, "We followed all the right protocols and procedures to ensure that our story was accurate and secure. But Proton Mail's actions raised serious questions about their commitment to protecting their users' rights and freedoms."

A Lesson for Service Providers

The suspension of journalist accounts also raises important questions about the role of service providers in national security matters.

"Service providers like Proton Mail have a critical responsibility to balance the needs of their users with the demands of law enforcement and national security agencies," said Shelton. "In this case, it seems that Proton Mail may have fallen short of that balance. As such, they need to take steps to ensure that such situations do not recur in the future."

The incident has also highlighted the importance of clear communication between journalists and their service providers.

"When things go wrong, it's essential that service providers communicate openly and honestly with their users," said Shelton. "In this case, Proton Mail waited until the story had gone viral before responding to our questions. That was a mistake, and one that they need to learn from."