1) Proton Drive desktop app should use certificate pinning (HPKP) by default. I believe it already does this, but I cannot find any documentation to verify.
2) There should be a setting in the app to allow the user to disable/opt out of this function so that Proton Drive can be used in a work environment where the employer uses DPI to scan all SSL/TLS traffic. I realize that this would (potentially) allow them to see everything I am storing in/retrieving from my drive, but that's OK because I want to use it mostly for work files.
3) If we had the ability to limit what online folders were synced to/visible from my local machine, then I could have 1 dedicated "work" folder that my work machine never saw or had access to, further limiting any privacy issues for other, non-work files in my drive. See https://protonmail.uservoice.com/forums/932839-proton-drive/suggestions/49259120-copy-dropbox-s-selective-sync-feature-choose-wha