I’ve been a very happy user and I’m incredibly grateful for what the Proton team has built. Proton is easily the best at privacy when both sides are on the platform, but recently I’ve been sending a lot of sensitive documents—IDs, bank docs, and contracts—to government officials. It’s made me realize that while Proton is great for privacy if both sides use it, it’s still a huge headache when your recipient isn’t a Proton user or a tech freak.

Right now, we have two options for non-Proton users, and both have major real-world friction. First, there’s PGP. Unless the recipient is very tech-savvy, that’s out of the question. You can't ask a government clerk or a busy accountant to manage keys just to read your email. Second, there’s manual password protection. This is where it gets tough; I have to find a separate way to call or text the person just to give them a password. It feels unprofessional and creates so much friction that many people just give up.

I’d love to propose two separate features (likely for Proton Unlimited and Business) to bridge this gap:

1. Legally-binding "Electronic Registration" (Similar to IncaMail from Swiss Post): For both private individuals and businesses, we need a way to send an email that has legal weight. This would be a "Registered" option where the recipient must electronically sign for the email to decrypt it. To make this work while staying Zero-Knowledge, users could securely upload their ID to their Proton account—stored with end-to-end encryption so even Proton can't read it.

When a "Registered" email arrives, the recipient would "sign" it with a simple, intuitive gesture (like a "drag-to-unlock" switch). This signature, backed by their stored ID, would generate a signed receipt proving the recipient's identity and the exact time of delivery. This would be a game-changer for official correspondence, legal filings, or contracts that require proof of delivery.

1. Automated Identity Verification (OTP or Secure Link): This feature doesn't need to be legally binding; it's purely for making everyday secure communication convenient. To stop the hassle of manual password sharing, we need an automated verification system that doesn't require the sender to manually coordinate passwords:

Integrated Verification: When the recipient clicks to open the email, they are prompted to verify their identity through a standard flow (like a one-time code sent to their mobile or a (secondary) email already on file).

Secure-Key Link: Alternatively, Proton could generate a unique, secure-key link displayed in the email inbox when opening the email. The recipient is led to an encrypted browser environment that verifies they are the intended recipient through a pre-constructed flow, then decrypts the message right there.

This removes the human element of having to coordinate a second communication channel myself. Even the most tech-illiterate and lazy people can handle an SMS code, email verification, or simply clicking a link and following a clear verification flow

By implementing these, Proton would make it so much easier for Proton and non-Proton users to communicate privately. It makes privacy and legal security very convenient, regardless of what provider the other person uses.