Sounds like good ol’ too-good-to-be-true honeytrappery to me, but that’s pure knee-jerk speculation on my part. Army+Palantir = massive alarm bells in my book, and Proton has a growing number of issues that have tainted their reputation.
I also don’t know how it would even be possible to legally operate a privacy-centric carrier in the US given the requirements of the Patriot Act/etc. To say nothing of how deeply intertwined they all are with alphabet agencies and data brokers.
At the very least I’d use extreme caution and operate under the assumption that they’re not being 100% truthful.
Many of its mechanisms effectively forced entire industries to require a ton more identification, record-keeping, and access by law enforcement… particularly financial and telecom companies. Or at least that’s how courts and corporate lawyers ultimately interpreted it. Potato, potato.
Though you are right that the act itself was not reauthorized in 2020. I must have missed the final vote, after its initial passage. That said, plenty of its impacts remain as they’ve been spun off into their own bits of legislation. I suppose “post-Patriot-Act America” would have been more accurate for me to say. Apologies!