A critical audit of Proton AG's infrastructure revealing that despite marketing as 'Swiss privacy,' user traffic is routed through US-controlled Cloudflare CDN nodes (AS13335) placing it under CLOUD Act/Patriot Act jurisdiction, while their Terms of Service embed US Federal Arbitration Act clauses—contradicting claims of Swiss legal protection and demonstrating a disconnect between marketing claims and actual operational security.
Richard Fontana discusses the 'exploitation paradox' in open source: how changing technological and social infrastructure creates new opportunities to exploit FOSS through loopholes (dual-licensing, SaaS loophole), leading to reactive legal fixes like the AGPL that often fail to solve the underlying problems and create new control points.
Age-verification systems mandated by U.S. state laws to protect minors are creating widespread surveillance infrastructure that collects and concentrates sensitive identity data (facial images, government IDs, addresses) from millions of adults through third-party vendors, creating data breach risks, government demand exposure, and fundamental privacy concerns about the open internet.