Proton Mail review — encrypted email from Switzerland
Who is this for? Anyone switching to a privacy-friendly email provider. Proton Mail is the most accessible choice with a free tier. Email is structurally less secure than Signal for sensitive communications — see the [app hardening guide](/en/guides/app-hardening-guide/) for context.
Proton Mail review
Who is this for? Anyone switching to a privacy-friendly email provider. Proton Mail is the most accessible choice with a free tier. Email is structurally less secure than Signal for sensitive communications — see the app hardening guide for context.
Proton Mail is the most widely used privacy-friendly email provider. Based in Switzerland, end-to-end encrypted between Proton users, free tier available. What it protects — and what it doesn’t.
What Proton Mail protects
Zero-access encryption: Proton cannot read the contents of your emails. Messages are encrypted with your public key before being stored on the servers. Only you can decrypt them.
End-to-end encryption (Proton-to-Proton): Emails between two Proton Mail addresses are automatically end-to-end encrypted. No intermediary can read along.
No IP logging (by default): Proton does not log IP addresses at login by default. You can verify this in settings.
Swiss jurisdiction: Swiss privacy law is stricter than EU or US. Proton can theoretically be compelled to provide data via a Swiss court, but the encrypted content cannot be decrypted.
What Proton Mail does NOT protect
Metadata: Proton still sees important metadata such as when you send mail and with whom. Subject lines are not end-to-end encrypted, even though they are encrypted at rest.
Email to non-Proton addresses: If you use Proton but the recipient has Gmail, Yahoo or another standard address, the email travels outside the encrypted Proton infrastructure. The content is then not end-to-end encrypted unless you use PGP or send a password-protected email.
Incoming email: Email arriving from outside Proton is not end-to-end encrypted. Proton receives it unencrypted and then encrypts it with your key for storage.
Specifications
| Property | Value |
|---|---|
| Jurisdiction | Switzerland |
| Encryption | PGP + zero-access (storage) |
| E2E encryption | Automatic between Proton users |
| Open-source | Yes (clients) |
| Free tier | Yes — 1 address, 1 GB storage |
| Proton Mail Plus | Paid — 15 GB, custom domain, more addresses |
| Proton Unlimited | Paid — all Proton services (VPN, Drive, Calendar, Pass) |
| Desktop bridge | Yes — IMAP/SMTP for Thunderbird, Apple Mail, Outlook |
| Mobile | Android, iOS |
Proton Bridge — use with existing email client
Proton Mail has a web interface and mobile apps by default. If you want to use a desktop email client like Thunderbird, you need Proton Bridge. Bridge runs locally on your computer and translates the Proton API to standard IMAP/SMTP.
Advantage: you work in a familiar email client. Disadvantage: Bridge must be running for synchronisation — one extra background process.
Comparison with alternatives
| Proton Mail | Tutanota | Gmail | Outlook | |
|---|---|---|---|---|
| E2E encryption | Yes (Proton-to-Proton) | Yes (Tuta-to-Tuta) | No | No |
| Zero-access storage | Yes | Yes | No | No |
| Open-source client | Yes | Yes | No | No |
| Free tier | Yes | Yes | Yes | Yes |
| Jurisdiction | Switzerland | Germany | US | US/Ireland |
| PGP support | Yes | Limited | No | No |
Tutanota (now Tuta) is a good alternative to Proton Mail with comparable encryption but its own protocol instead of PGP.
Migration from Gmail
Proton has an import tool to import existing Gmail messages. The process takes hours to days depending on mailbox size. Your Gmail address keeps receiving afterwards — set up a forward or change your address gradually at services.
Caveats
Free tier is limited: the free plan starts small and is fine for light use, but tight if you want Proton as your primary mailbox.
Email is inherently old and insecure: The SMTP protocol was designed without privacy in mind. Proton does the maximum within those constraints. For truly confidential communication, Signal or PGP is structurally more secure.
Proton has provided data to police: In 2021 Proton provided IP addresses of a climate activist following a Swiss court order. Zero-knowledge encryption protected the content — but the metadata (IP, account creation timestamp) was available. Use Tor or VPN when logging in if you want to prevent IP logging.
Pros and cons
Pros
- Zero-access encryption — Proton cannot read stored messages even if compelled
- Automatic end-to-end encryption between Proton Mail addresses
- Swiss jurisdiction with stricter privacy law than EU or US for foreign government access
- Open-source clients; free tier available
- Import tool migrates existing Gmail in hours
Cons
- Metadata such as who you email and when remains visible to Proton even with content encryption
- Emails to non-Proton recipients are not end-to-end encrypted unless PGP is used — the majority of email traffic
- In 2021 Proton provided IP addresses of a user following a Swiss court order — use Tor or VPN at login if IP protection matters
- Free tier is limited and mainly intended as an entry point
Conclusion
Proton Mail is the best choice if you want to switch from Gmail or Outlook to a privacy-friendly email provider. The encryption is solid, the free tier is usable, and the ecosystem (VPN, Drive, Calendar, Pass) makes Proton a complete privacy stack.
Understand that email has structural limits — it is not a replacement for Signal for sensitive communication.
See also:
- PGP practical guide — encrypting email with external recipients
- Recommended privacy apps — full overview of recommended apps
- ProtonVPN review — combine Proton Mail with ProtonVPN