Proton Calendar, which claims to be the “world’s only” calendar using end-to-end encryption and cryptographic verification, has arrived on iOS, giving those seeking a more secure work suite an alternative to Google, Apple, and the like.
Proton Calendar is pitched as offering encryption for all event details, as well as “high-performance elliptic curve cryptography (ECC Curve25519)” to lock it. The web app version of Proton Calendar is open source, with the code for mobile apps to come next, Proton says. Proton also notes that it never finds out who you’ve invited to an event, and it allows for inviting people outside the Proton ecosystem, letting people “cryptographically verify that it was you who invited them.”
Andy Yen, CEO of Proton, said in an interview with Wired in May that calendars are an “extremely sensitive” record of your life and that protecting them is essential. Encryption protects your calendar data from government requests, data leaks, or “a change in business model of your cloud provider.”
For its part, Google, the 800-pound gorilla of calendar data syncing, says that Google Calendar data is “encrypted in-transit and at-rest,” using “strong industry standards and practices.” But Google has your name, email address, and phone number, and Calendar “uses data to improve your experience” and saves “some location info,” search queries, and other activity. Apple’s iCloud security/privacy policy is broader and not as readily broken down into individual apps, but it’s similar regarding encryption. (A summary-friendly policy for personal Outlook accounts was not something the author could provide at this time.)
Proton, then, is offering a far more simple pitch: your data is always encrypted, and it’s not being used to connect other (often ad-driven) services or, as is often the case, round out a heap of user data.
Getting a calendar app onto iOS is part of Proton’s broader push to position its suite of services—email, calendar, file storage, and VPN—as a security and privacy-minded alternative to the free (or freemium) ecosystems run by the biggest tech firms. You pay for all but the most basic services, and you get services focused on protecting your work and communications. Proton’s services are not nearly as feature-packed as the more established suites from Google, Apple, or enterprise firms, but they are under active development.
Proton touts its servers and user data as being protected by “Swiss data privacy laws,” which somewhat came back on the company last year. Proton (then known as ProtonMail) had said that it did not, by default, “keep any IP logs which can be linked to your anonymous email account.” After a Swiss court injunction, Proton was forced to keep IP logs on an account under investigation, removed the logging language from its policy, and pointed to Tor as a way to better anonymize Proton access.
Proton had also strongly encouraged regulators to loosen Apple’s grip on its App Store in 2020, along with other firms like Spotify, Telegram, Basecamp-created Hey, and others.
https://arstechnica.com/?p=1901540