Proton is considering recycling old email addresses that still receive misdirected mail and appear in breach data, raising serious privacy concerns.
Proton is considering recycling old email addresses that still receive misdirected mail and appear in breach data, raising serious privacy concerns.
I’m sure proton would clear the inboxes before making the addresses available, so there’s no risk of seeing legitimate mail meant for someone else.
In terms of misdirected mail there are two types:
where a user has made a typo when entering their email somewhere
where a user entered a random email when signing up for a service they didn’t care about
Both of these can affect any existing email address (so proton’s plans make no difference), and only type 1 could be a privacy risk.
Email addresses aren’t secret, nor are they personally identifiable (unless they contain your name or are linked with other personal information) so I don’t see a problem here.
Wouldn’t the security risk be that if someone thinks the old user is still using that email address, or forgets, they may mistakenly send sensitive into to the person who now has the address…?
Am I missing something?