I think it has it's use, for certain tasks. I use the "ai" feature in outlook a bit. Just click the "Thanks! I got it" button or whatever pops up as a reply. Saves me some time and gives the sender a concice confirm.
I also wouldn't mind if some people got a bit of help with proofreading shit they send out.
Translation is also a nice one, if it's built in why not.
I'm torn on this. Personally, I feel like this is totally unnecessary, and reminds me of Mozilla doing all sorts of random stuff and ignoring their core competency of browsers. But on the other hand, this seems like an attempt to make Proton Mail more competitive with Gmail, reduce feature disparity, and encourage adoption, which is great!
Thank you for the link. This sadly makes me consider switch to another email provider. I think it is great that they listen to their customers, it really is, but it makes me think that what I value in an email provider seems to be different from what the average (or at least questioned) customer values.
The words privacy and ai are in my mind almost irreconcilable. I wish them all the luck in the world and hope their other customers stay happy, but it seems they will have to lose me. Which is fine. I think they do what is best for proton, it is just that proton might be no longer what is best for me.
I just keep wondering if companies know that while lacking a certain feature may cost them customers, having it may do so as well.
>> The words privacy and ai are in my mind almost irreconcilable.
You can run many AI system on user machines. Some versions of stable diffusion can run on laptops. They can be run privately, even on air-gapped machines if necessary.
I would suggest Fastmail. They are excellent in what they provide. Just email and calendar. So if you are using proton other features (pass, drive..etc) then it wouldn't be 1:1 replacment.
My concern with them is that they don't store email encrypted at rest and being an Australian company their laws allow the government to put back doors in and are not obliged to tell their clients.
The government law is out of their control but not having your emails at rest unencrypted.
In the past few years I've tried Proton, Mailbox.org and now I'm with Posteo.de. Unfortunately they don't support custom domains, but I use SimpleLogin to solve this problem. Overall I'm pretty happy with this setup.
Under privacy I understand that I have to the limits of my ability control over with whom I share information. But the same is true for anyone sharing information with me. If I have to input any data from someone else to a program without their implicit or explicit permission it breaks, at least in my opinion, their privacy. The same is true if I for example forward an email addressed only to me to another person. I think I can not expect others to at least try to not break my privacy if I break theirs. Though I can not control other people and would never desire to do so. And I may break unknowingly their privacy as they may do with mine. We all make mistakes and modern software has become horrendous in telling the user what it does.
I know that email providers are scanning the received and send emails. But that is something both party involved know (or at least should know) beforehand. This is what I mean with implicit permission. People sending me an email can and must expect that my email provider will scan their emails to a certain degree. They can und must expect, that I will store their email on a local device for an indefinite period. But they can also expect that I will not post their emails somewhere on the web or forward it to someone else. If they desire otherwise they may state their desire and if I agree with them I will try to accommodate for that to the best of my ability.
For most cases I know about in which ai is used there is neither an implicit nor an explicit permission involved and just the assumption that the other side is ok with their data being shared with a 3rd party as long as it is with a machine which may or may not promises to run locally. Having this permission is an assumption I will not make and which I think is wrong.
Hence why in my mind privacy and ai is irreconcilable. Because the only way I can see to have them both is with an incredible unpractical overhead of managing all this implicit and explicit permissions.
Hopes this answers your question. Though I'm not trying to convince you or anyone else.
Thank you for replying, but I don't quite understand what you wrote in the context of a writing assistant where there is no sharing in any form with anyone.
Generative LLM's like this often reveal confidential info that they were trained on, and anything provided to them in order to generate other output can be used as future training data which can then be re-iterated to others
The latter can't be true since the input never leaves your computer, it's private information. The comments you're writing right now on the other hand are public information and can and will be used to train an LLM.
I wouldn't touch that with a ten-foot pole given how dastardly the ChatGPT could track the usage within a privacy-oriented application if I wanted my privacy intact.
"By default, all the processing happens locally, on the user's device, with no sensitive information being sent over to Proton, not even for training the AI models being used thanks to Proton's zero-access encryption tech."
Oh come on, Proton, you're supposed to be better than this. Chatbots are proven privacy-violation engines. If you're going to act like Google, there's zero reason to pay for your services.
This is not a chatbot and is in no way similar to what Google does.
It's opt-in, open source, runs on device, does not use your emails to train the model, and most important of all does not grant Proton access to your emails.
What part of that do you see as a privacy violation?
- is opt-in. You must actively choose to use this feature
- is open-source
- uses an open-source model
- does not use your data to train the model
- doesn't break existing zero-access-encryption
- runs locally on supported devices
- can be run on a Proton-provided no-log server if you choose to
From my understanding Scribe doesn't do anything unless you enter a prompt. And before that you have still have to choose between local or server side before you can even use it.
Not only this is a feature that I, as paying Proton Mail user do not need, but having it as a premium option will probably end up pestering me in every possible way: emails, UI elements, popups, etc., to upgrade to feature I absolutely detest. I tried to get away from Google and their nonsense, but actually ended up in the same place. Are there any decent email only providers left, without "AI" and load of unnecessary apps that they keep purchasing each week?
42 comments
[ 2.7 ms ] story [ 77.1 ms ] threadMaybe that will be the new "spam box", ANOTHER inbox for AI generated emails.
I also wouldn't mind if some people got a bit of help with proofreading shit they send out.
Translation is also a nice one, if it's built in why not.
https://proton.me/blog/2024-proton-survey-results
The words privacy and ai are in my mind almost irreconcilable. I wish them all the luck in the world and hope their other customers stay happy, but it seems they will have to lose me. Which is fine. I think they do what is best for proton, it is just that proton might be no longer what is best for me.
I just keep wondering if companies know that while lacking a certain feature may cost them customers, having it may do so as well.
You can run many AI system on user machines. Some versions of stable diffusion can run on laptops. They can be run privately, even on air-gapped machines if necessary.
I am considering the same thing.
The government law is out of their control but not having your emails at rest unencrypted.
It is end to end encryption they don't support as this article explains. Yes, it is two very different things however just as important.
Can you explain why?
I know that email providers are scanning the received and send emails. But that is something both party involved know (or at least should know) beforehand. This is what I mean with implicit permission. People sending me an email can and must expect that my email provider will scan their emails to a certain degree. They can und must expect, that I will store their email on a local device for an indefinite period. But they can also expect that I will not post their emails somewhere on the web or forward it to someone else. If they desire otherwise they may state their desire and if I agree with them I will try to accommodate for that to the best of my ability.
For most cases I know about in which ai is used there is neither an implicit nor an explicit permission involved and just the assumption that the other side is ok with their data being shared with a 3rd party as long as it is with a machine which may or may not promises to run locally. Having this permission is an assumption I will not make and which I think is wrong.
Hence why in my mind privacy and ai is irreconcilable. Because the only way I can see to have them both is with an incredible unpractical overhead of managing all this implicit and explicit permissions.
Hopes this answers your question. Though I'm not trying to convince you or anyone else.
Then again, it's a WEB app!
"By default, all the processing happens locally, on the user's device, with no sensitive information being sent over to Proton, not even for training the AI models being used thanks to Proton's zero-access encryption tech."
Official post: https://proton.me/blog/proton-scribe-writing-assistant
(https://news.ycombinator.com/item?id=40994602)
It's opt-in, open source, runs on device, does not use your emails to train the model, and most important of all does not grant Proton access to your emails.
What part of that do you see as a privacy violation?
- is opt-in. You must actively choose to use this feature
- is open-source
- uses an open-source model
- does not use your data to train the model
- doesn't break existing zero-access-encryption
- runs locally on supported devices
- can be run on a Proton-provided no-log server if you choose to
From my understanding Scribe doesn't do anything unless you enter a prompt. And before that you have still have to choose between local or server side before you can even use it.
There's also a toggle to remove it from the UI.
And still, no Proton Drive for Linux.