Skip to content


My feedback

1 result found

  1. 3,724 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We have given this quite a bit of thought, but at the present moment, it is not clear the advantages would outweigh the disadvantages.

    The biggest problem is search. Encrypting all metadata would break metadata search entirely on the web client as there is still no efficient way to handle search of encrypted data within a browser.

    Secondly, metadata encryption’s value from a privacy standpoint is also somewhat dubious. Because we ultimately must deliver the message to the recipient, we must know who the recipient is. At the current time, there still isn’t any proven and viable way to work around this.

    Metadata encryption is an area of continued research for us, and when the opportunity arises and the technology for doing this matures, we will definitely implement it in ProtonMail.

    Jackie supported this idea  · 
    An error occurred while saving the comment
    Jackie commented  · 

    I just subscribed to ProtonMail Plus since I'm pleased to support your cryptography research. Your company has brought awareness to the general public that unencrypted email is not secure, and made PGP encryption accessible to a non-technical audience (sending from ProtonMail to ProtonMail addresses) - and for this I will be forever grateful.

    However I was a little bit disappointed that metadata such as email subject lines is not encrypted, since the subject lines, sender, and recipient were readable in plain-text after I recovered my password using a backup email address, despite the loss of the original encryption key. Metadata reveals more about one's communications than one might initially realize, and is the underpinning of most "dragnet" bulk surveillance programs.

    Please consider implementing client-side encryption/decryption of metadata going forward into the future. With the growing computing power of most client devices nowadays (including mobile devices), decryption of metadata on-the-fly to facilitate features such as full-text search should be achievable. The small degradation in performance is a small price to pay for more complete privacy.

    Thank you in advance for the consideration, from a ProtonMail Plus user!

Feedback and Knowledge Base