I think we must make it clear that this is not related to AI at all, even if the product in question is AI-related.
It is a very common problem with modern marketing teams, that have zero empathy for customers (even if they have one, they will never push back on whatever insane demands come from senior management). This is why any email subscription management interface now is as bloated as a dead whale. If too many users unsubscribe, they just add one more category and “accidentally” opt-in everyone.
It’s a shame that Proton marketing team is just like every other one. Maybe it’s a curse of growing organization and middle management creep. The least we can do is push back as customers.
I disagree: in as much as I have noticed this *far* more with AI than any other advancement / fad (depending on your opinion) than anything else before.
This also tracks with every app and website injecting AI into every one of your interactions, with no way to disable it.
I think the article's point about non-consent is a very apt one, and expresses why I dislike this trend so much. I left Google Workspace, as a paying customer for years, because they injected gemini into gmail etc and I couldn't turn it off (only those on the most expensive enterprise plans could at the time I left).
To be clear I am someone that uses AI basically every day, but the non-consent is still frustrating and dehumanising. Users–even paying users–are "considered" in design these days as much as a cow is "considered" in the design of a dairy farm.
I am moving all of the software that I pay for to competitors who either do not integrate AI, or allow me to disable it if I wish.
To add to this, it's the same attitude that they used to create the AI in the first place by using content which they don't own, without permission. Regardless of how useful it may be, the companies creating it and including it have demonstrated time and again that they do not care about consent.
> I left Google Workspace, as a paying customer for years, because they injected gemini into gmail
I wonder if this varies by territory. In UK, none of the Gmail accounts I use has received this pollution
> I am moving all of the software that I pay for to competitors who either do not integrate AI, or allow me to disable it if I wish.
The latter sounds safer. The former may add "AI" tomorrow.
I am in the UK. TBC this isn't a gmail.com email address, this is a paid "small business" workspace against a custom domain.
Eventually they backtracked and allowed (I think?) all paid customers to disable gemini, but I had already migrated to Fastmail so :shrug:
>I disagree: in as much as I have noticed this far more with AI than any other advancement / fad
I agree with gp that new spam emails that override customers' email marketing preferences is not an "AI" issue.
The problem is that once companies have your email address, their irresistible compulsion to spam you is so great that they will deliberately not honor their own "Communication Preferences" that supposedly lets customers opt out of all marketing emails.
Even companies that are mostly good citizens about obeying customers' email marketing preferences still end up making exceptions. Examples:
Amazon has a profile page to opt out of all email marketing and it works... except ... it doesn't work to stop the new Amazon Pharmacy and Amazon Health marketing emails. Those emails do not have an "Unsubscribe" link and there is no extra setting in the customer profile to prevent them.
Apple doesn't send out marketing messages and obeys their customers' marketing email preferences ... except .. when you buy a new iPhone and then they send emails about "Your new iPhone lets you try Apple TV for 3 months free!" and then more emails about "You have Apple Music for 3 months free!"
Neither of those aggressive emails have anything to do with AI. Companies just like to make exceptions to their rules to spam you. The customer's email inbox is just too valuable a target for companies to ignore.
That said, I have 3 gmail.com addresses and none of them have marketing spam emails from Google about Gemini AI showing up in the Primary inbox. Maybe it's commendable that Google is showing incredible restraint so far. (Or promoting Gemini in Chrome and web apps is enough exposure for them.)
> That said, I have 3 gmail.com addresses and none of them have marketing spam emails from Google about Gemini AI showing up in the Primary inbox.
That's because they put their alerts in the gmail web interface :-/
"Try $FOO for business" "Use drive ... blah blah blah"
All of these can be dismissed, but new ones show up regularly.
> Apple doesn't send out marketing messages and obeys their customers' marketing email preferences ... except .. when you buy a new iPhone and then they send emails about "Your new iPhone lets you try Apple TV for 3 months free!" and then more emails about "You have Apple Music for 3 months free!"
That's "transactional" I'm sure. It makes sense that a company is legally allowed to send transactional emails, but they all abuse it to send marketing bullshit wherever they can blur the line.
> Maybe it's commendable that Google is showing incredible restraint so far.
Or the Gmail spam filter is working.
> only those on the most expensive enterprise plans could at the time I left.
lol. so the premium feature is the ability to turn off the AI? That's one way to monetise AI I suppose.
Even WhatsApp has it in the search bar
I believe this is combined with something I call "asymmetry blindness". They may say "but we send an single e-mail per month, this can't be bad".
We the users get a barrage of e-mails everyday because every marketing team is thinking we only get their mail, and it makes our lonely and cold mailbox merrier.
No, users are in constant "Tsunami warning!" mode and these teams are not helping.
If they were sending just one per month I might actually read them occasionally. It's the three a day from the likes of aliexpress that get deleted without a second glance.
But yes, you're absolutely right - "no raindrop considers itself responsible for the flood".
Our subscription product costs less than expensive coffee. Unused RAM is wasted.
Again, no raindrop considers itself responsible for the flood: if you buy enough coffee-priced subscriptions, that's unaffordable. Usually people already have their coffee-priced budget allocated to something. Like coffee.
(Incidentally, this is why mobile gaming uses so many anti-patterns, to make people keep making "just one more" tiny purchase)
I guess the people you quote also missed that not all of us work in Silicon Valley and can afford those expensive coffees every day. I’d like an estimate of how many Nescafé powder coffee cups I’d have to skip per month to use their subscription.
I'm pretty sure some people have performance metrics attached to their "newsletter".
Indeed. I received 28 unwanted emails of this kind in January so far (just counted), which is a bit more than once per day, despite quite avidly unsubscribing from this kind of emails. This month I had to unsubscribe from ChatGPT and GitHub emails of this kind too, although I don’t recall opting in to them in the first place and neither of them spammed me until recently.
> although I don’t recall opting in to them in the first place and neither of them spammed me until recently
Dark pattern. They know you'd spot immediate abuse , so they delay until you are likely to have forgotten whether you opted in.
The problem is not just empathy. It is also ethics. The fine distinction between opting out of A and opting out of B described in the post served to justify ignoring the opt out request. That's lazy ethically. The entire US business sector's customer relations are completely compromised ethically. It's taken to extremes in tech contexts.
In large organizations motivated reasoning trumps ethics. Behavior starts working along incentive gradients like an ant heap. Spend enough time in an environment like that and you learn to frame every selfish decision as good for the customer.
I think maintaining ethics in large organizations is one of the main challenges of our time, now that mega corps dominate our time and attention.
> Spend enough time in an environment like that and you learn to frame every selfish decision as good for the customer.
This reminds me of "in order to save the environment, we are going to delete all of your recordings older than 2 years, in 2 weeks. You can't download them."
> I think we must make it clear that this is not related to AI at all
There are clear AI-specific reasons why it's being crammed down everybody's necks.
Namely: someone in management has bet the entire strategy on it. The strategy is not working and they need to juice the numbers desperately.
Still happy that Tuta Mail is anti AI, and does not push ads on you via email.
I wonder who told Proton that it’s a good idea to copy big tech tactics.
Does??
> I wonder who told Proton that it’s a good idea to copy big tech tactics.
The lure of big tech profits.
Not :)
Genuinely: What profits!?! The only company profiting from AI has been nVidia. Every indicator we've received for this entire alleged industry is companies buying hundreds of millions of dollars in graphics cards that then either sit in warehouses depreciating in value or, worse, are plugged in and immediately start losing money.
The tech industry has coasted on it's hypergrowth story for decades, a story laden with as many bubbles as actual industries that sprang up. All the good ideas are done now. All the products anyone actually needs exist, are enshittified, and are selling user data to anyone who will pay, including products that exist solely to remove your data from everyone who bought it and probably then sell it to some other people.
This shit is stupid at this point. All Silicon Valley has to do is to grow up into a mature industry with sensible business practices and sustainable models of generating revenue that in most other industries would be fantastic, and they're absolutely apoplectic about this. They are so addicted to the easy, cheap services that upended entire other industries and made them rich beyond imagining that they will literally say, out loud, with their human mouths, that it is a bad, undesirable thing to simply have a business that makes some money.
The people at the top of this industry are literally fucking deranged and should be interred at a psychiatric facility for awhile for their and everyone else's good.
> I think we must make it clear that this is not related to AI at all
Yeah, many companies do that. I unsusbcribed from newline, they still keep spamming me. Funny thing is, they realised they had made a mistake and promised to remove unsubs. One week later, the spam started.
The correct solution is the spam button. Always
> The correct solution is the spam button. Always
The correct solution is filing complaints with your country's relevant authority
The spam button risks false positives.
I feel more and more like. That email should be like DMs.
Do you want to accept emails from xxx?
Yes
No
On client side...
Very dangerous, when the same From address may be used for "Log in inside 14 days or your dormant account will be deleted".
The problem with tech is that there's absolutely zero accountability.
Marketing is, to some extent at least, regulated. There's so little consumer protection in the tech industry, it's a joke. We've got GDPR (in Europe) and I'm really struggling to think what else. Imagine if other forms of engineering had the same level of control.
There's this absolutely fallacious notion that in a free market, customers can just vote with their feet.
From big players with vendor lock-in and network effects, to specialists (I know of few decent competitors to Proton), the average consumer is not sufficiently protected from malpractice.
We may say, "oh, it's just a marketing email", but TFA perfectly encapsulates the relationship we have with our suppliers.
Now that we're at it, let's talk about Google ads. I reported a Google ad because I deem it political, and in Europe you must make it clear that a political ad is a political ad and not just an ad (and it failed to do so, it should be corrected or eliminated).
Google refused to comply and act in any way, because they "don't moderate 3rd party content". Except that EU says you _must_ comply if you're publishing a political ad. I'm bringing this forward with an appeal and then I'm going to escalate to the national authority if they still refuse to act.
The laws are there. It's just that big tech think they can ignore them freely and even if down the road there's a fine it's going to be much less than what they gained by spreading ads.
Enforcement in UK is pathetic e.g. HelloFresh's recent spam campaign cost it <0.2p per message in fines. A bargain.
To name and shame two: LinkedIn and MyHeritage. If you ever made an account with either of them, they will never stop spamming you. They have configuration options to select which mail to receive, but they appear to consider them temporary suggestions.
A special dishonourable mention goes to Wal-mart. I never interacted with them in any way whatsoever, as well I wouldn't since they don't exist on my continent as far as I know, yet they still send me spam. DKIM signed and all!
LinkedIn once seemed to somehow go through my (GMail?) contacts and ask if I should invite my, late, grandfather to the platform in the subject of a marketing message.
Left a bitter taste.
> I think we must make it clear that this is not related to AI at all, even if the product in question is AI-related.
It is not specific to "AI" but it is very much related to it.
> If too many users unsubscribe, they just add one more category and “accidentally” opt-in everyone
... and "forget" to add its opt-out to the list.
> It’s a shame that Proton marketing team is just like every other one.
Having gone through the Proton hiring process was an eye opener for me: despite its stated mission, the company isn't special when it comes to its management, it's as bad as any other.
It is entirely related, because AI marketing is an amped up version of traditional dark-pattern marketing. And since every tech company is on the AI hype train, then they all fall into the same willingness to justify the worst behavior because of their desperate need to get on the forefront of what they’ve convinced themselves is the only path to growth. But as consumers, since we are confronted with all tech companies all following the same dark patterns, we feel the impact suddenly much stronger than with past one-at-a-time panicky company over-marketing efforts.
It is an error to believe this is only happening in/with marketing. In general, "empathy" and "capitalism" are mutually exclusive. If profit is your goal, you don't care about individuals.
There’s probably a bigger association with it. I don’t like ai and see it everywhere, in every app I use, every service I purchase, my goddamn start bar.
So, when they start emailing unwanted emails, it feels like a spam problem, when really it’s insidious on multiple fronts.
I can’t wait for the enshittification phase. When the products royally fuck their fan base.
I had a similar problem with SunLife marketing emails. I would unsubscribe from everything there was an option for, then a month later I would get another marketing email setting personal finance advisors. I spoke to support to be told how to unsubscribe, then that it "was an account information email not a marketing email so I cauld not unsubscribe".
Eventually after escalating I was put on a do not email list and haven't received emails since; though they do still send crap to my work email.
I tend to have a policy: I will click on your unsubscribe button once, after that it's straight to 'report spam'. If that sinks your domain ratings, that's on you.
> Has anyone else noticed that the AI industry can’t take “no” for an answer? AI is being force-fed into every corner of tech. It’s unfathomable to them that some of us aren’t interested. The entire AI industry is built upon a common principle of non-consent.
I can't help but see the spam as more circumstantial evidence of a bubble, where top-down "pump those numbers" priorities overrides regular process.
The really strange thing is that so much of it doesn't work. Like I get that the SOTA models perform some tasks quite well and have some real value. But the AI being implemented in every corner creates a lot of really bad results. The Shopify code assistant will completely wreck your site and basically gets nothing correct. It will write 100 lines to change a color of a single DIV. The Amazon product Q&A will give you wrong information more frequently than not.
In what mind frame is it logical or necessary to put these extremely poorly functioning products in to the wild?
It's a desperate attempt at staying relevant, even if most of those companies don't realize it yet. Because of its general-purpose nature, AI subsumes products. Most software products that try to "implement AI in every corner" would, from the user's POV, be more useful if they became tools for ChatGPT/Claude/Gemini.
People's goals are rarely limited to just one software product, and products are basically defined as a bag of tools glued with UI, that work together but don't interoperate much with anything else. That boundary drawn around a bunch of software utilities, is given a name and a fancy logo, and sold or used to charge people rent. That's software products. But LLMs want to flip that around - they're good at gluing things, so embedding one within a product is just a waste of model capabilities, and actually makes the product boundary more apparent and annoying.
Or in short: consider Copilot in Microsoft Word, vs. "Generate Word Document" plugin/tool for a general LLM interface (whether Gemini webapp or Claude Code or something like TypingMind). The former is just an LLM locked in a box, barely able to output some text without refusing or claiming it can't do it. The latter is a general-purpose tool that can search the web for you, scrap some sites and run data analysis on results (writing its own code for this), talk results over with you, cross-reference with other sources, and then generate you a pretty Word document with formatting and images.
This is, btw., a real example. I used a Word document generator with TypingMind and GPT-4 via API, and it was more usable over a year ago than Copilot is even now. Partly because Copilot is just broken, but mostly because the LLM can do lots of things other than writing text in Word.
Point being, AI is eroding the notion of software product as something you sell/rent, which threatens just about the entire software industry :).
AI is the first path out of enshittification the industry has had in a while.
See https://arstechnica.com/information-technology/2026/01/ebay-...
It will be funny to see the rapid about face.
"It's difficult to get a man to understand something when his salary depends upon his not understanding it."
In this case, the thing that's difficult to understand is "AI in everything is shit and nobody wants it."
Agree. The number of services i use where the apps continually add new marketing preferences which are defaulted to ‘enabled’ despite the fact that all other preferences are disabled is disgusting and clearly used by some companies to ignore people’s actual preferences.
LinkedIn is one of the worst offenders.
Whenever I login to LinkedIn I get "emails aren't getting through to your main email address".
1. That's by design, because you spammed the shit out of it. 2. Given that all I do is send them to /dev/null, HOW DO YOU KNOW?
They're checking to see whether any of the links they put in the emails are being fetched from their servers. It's stupid, but it works for most people.
I had a similar situation with SMS messages that were being sent to me with links informing me of status updates. These texts were useful, and I would go over to my real computer to check the web site. Then after a few days the text messages said "It looks like these messages aren't getting through to you, so we'll stop sending them." Which is also stupid, but it works for most people that load the web site on their phone from the SMS link. God help you if you have a dumb-phone.
You don't need the recipient to actually click on any visible link. Tracking pixels are the oldest trick in the book.
Probably tracking pixels in the emails
So they'd miss it anyway, my mail client is firewalled to only be able to access the mailserver.
I've been unsubscribed from a handful of newsletters because I don't read them. I replied to one and told them I did, even reached out on Twitter, but they still deleted me.
control+alt+shift+Win+L
This never stops annoying me that it exists.
What the fuck lmao
Have you noticed certain financial providers sending blatant marketing emails with no unsubscribe option and a comment along the lines of "these emails are not marketing"
This is illegal practice in the EU
Yet rife. My complaint to a major UK provide was rebuffed with the blatently false assertion that the email promoting a website refresh was an essential service email.
It's illegal in the US too as far as I'm aware. But you missed the part where they clearly stated "it's not marketing" ;)
The corporate version of video-uploaders writing "no copyright infringement intended", except with less an an excuse for not knowing better.
"For Off-road Use Only"
They go in the junk folder and then get marked and reported as spam.
Dangerous, since this invites genuine service emails to be junked.
Yes, but not anywhere near as annoying for me at least.
I saw a Mastodon tweet a while ago, which went something like:
Do tech companies understand consent?:
- [ ] Yes
- [ ] Ask me again in a few days
Hey, that sounds like Signal!
https://github.com/signalapp/Signal-iOS/issues/4590
>We're not going to remove the reminders.
>If you don't want to provide that access, you still don't need to – you can simply tap remind me later once a month
(See also: https://github.com/signalapp/Signal-iOS/issues/4373, https://github.com/signalapp/Signal-iOS/issues/5809, ...)
I get their point that you can't provide a "No" in the reminder. But there should be an option (maybe even hidden under "advanced settings - here be dragons!") for this.
Signal is an interesting case study in UX failure. I and a bunch of other tech forward people were on it in its heyday but after they removed SMS support and implemented shitty UX like that nag dialog: Neither I nor a single person I know uses it any more. Everyone is on Whatsapp or iMessage.
It may be cryptographically superior, but does that matter at the end of the day if nobody uses it?
Cryptographical superiority aside, Signal doesn't collect personal data, unlike Whatsapp. For me that's the main reason to use it. The UX is good enough, although some points can for sure be improved.
Whatsapp should be a non starter. What Mark Zuckerberg did to Whatsapp should be required reading for anyone using the internet, and then decide if you still want to use Facebook (never mind, they build a shadow profile for you anyway)
"It's time. Delete Facebook" isn't subtle https://www.forbes.com/sites/parmyolson/2018/09/26/exclusive...
That needs spelled out.
Delete: Facebook, Messenger, Instagram, WhatsApp, Meta, Threads, Manus.
Most people think of Facebook and Messenger when they see "Delete Facebook". Thats also why the rest dont have Meta or FB in their name.
Sounds like they just don't care about privacy, do they? Guess showing them https://i.redd.it/0imry50rxy961.png still won't change anything..
WhatsApp isn't any better, it's just more popular.
> It may be cryptographically superior, but does that matter at the end of the day if nobody uses it?
I've made a few attempts to convert people, but no-go. People stay on Telegram and WhatsApp because they have better UX and features.
Signal refuses to see the value in good attractive UX.
This. We must change laws that the above field is not considered as given consent. And while we are at it, we must change "silence is agreement" to "silence is disagreement". This applies to change of ToS, price increases etc. That means if I don't click a link with a button "I agree", the ToS change is not accepted - that means they have to cancel/delete my account.
Didn't FCC remove "1-click unsubscribe" requirement since it can "provide more choice and lower prices to all users across the board" (since the companies can rip off more users and create pseudo-lower prices)?
EU has its GPDR and it has some teeth, but US is currently hopeless on that front, for now, from my vantage point.
I'd love to be stand corrected though.
> And while we are at it, we must change "silence is agreement" to "silence is disagreement".
Maybe we should reframe their "silence is agreement" message as "silence is consent".
They ran out of letter "o" supply, so they can't spell "no".
This problem, along with general annoyances at Proton’s lack of focus on a good email experience pushed me over the edge to move to Fastmail. I’m so much happier. Proton Mail Bridge would often pin one core of my laptop CPU, draining my battery, and it was still slow to sync new email. With Fastmail, incoming mail is so fast that the verification codes are already there before I can alt tab over.
I'm in the same boat. I think part of that is Proton is spread across a huge suite of products and features, whereas Fastmail is specialised in one.
> Fastmail is specialised in one.
Sadly untrue since they added calendar. However I'd would say the email service and support remain excellent regardless.
It feels like Proton is trying to build a solid Europe-based alternative to Microsoft 365, which is necessary but also very ambitious and expensive.
Same here, I've found too many bugs in Proton's email client and instead of fixing them they just release new products. FastMail support has been great, I think the developers themselves reply (some of the?) emails, going into technical details and being actually helpful.
> FastMail support has been great
Seconded, failing only when up against tricky issues like insecurity of their so-called secure Masked Email.
I may be in the same boat.
Is Fastmail an US company though?
They solely use US servers [1] and don't have plans to offer EU or any non-US servers though.
[1] https://old.reddit.com/r/fastmail/comments/1jbryai/european_...
Fastmail is an Australian company.
I have a Proton mailbox I specifically keep around to serve as a honeypot, for tracking when one of the many annoying little services will inevitably mishandle the contact address I hand them.
Over the years, the only spam I ever received there was from Proton. Quite the way to recalibrate my expectations, eh?
i think i have a proton email address, but i never used it. i wonder.
but i pay fastmail a whopping $15/yr to give me mailboxes on my domain, which i have always heard is a good way to track who's selling your data.
So far, nothing has made it past the spam filter, and i don't check spam (how many valid emails have you found in spam in the last 5 years?); that being said apparently no one is selling my email address anymore. or, and this is a significant possibility: when i tell them companynickname@mydomain.li they just ignore the domain and put in gmail? For instance i gave Take5 "take5@" as my email and i never received anything from them. The guy even said "No; your email address" with a weird half smile; then i explained it's my own website and email, i can use any email address i want; that it will alert me if someone sells my email address.
I doubt there's a flag on the auto oil shop's CRM or POS or whatever for "customer states they're proactive about email spam and their privacy"
> (how many valid emails have you found in spam in the last 5 years?)
Personally, running SpamAssassin, zero.
However, this seems to be getting worse with the big providers deciding to drop domains they don't like from time to time. Selfhosted email will work for 4 years and then Google or Microsoft will spam them for a month for no reason. It always starts working again because I assume that what they are doing is technically anti-trust and running it for too long would make it obvious.
This is not an AI problem, it's an "data privacy + lack of consequences problem". It happens everywhere. I mean, have you ever tried making an airline company to stop sending their shitty miles newsletters?
Only way to stop is to start fining these companies.
Not sure where you live, but inside the EU / UK this is rarely a problem because the companies do get fined. If youre having problems like this report them to your relevant authority. But as another commentor noted, AI bubble makes paying spam fines more worthwhile than bubble popping.
> Not sure where you live, but inside the EU / UK this is rarely a problem because the companies do get fined.
Here in UK is is a frequent problem and companies rarely get fined e.g. MS never.
Only if the company is headquartered in EU/UK, right? Proton, for example, is headquartered in Switzerland. Even if it wanted, there would be no legal entity in EU to be fined.
This isn't an AI issue. Marketing departments have been like this forever, or at least since the infamous Canter & Siegel 'Green Card' email.
https://en.wikipedia.org/wiki/Laurence_Canter_and_Martha_Sie...
I only use Proton for the spam or temporary low value (and free) email accounts. Proton also tries to do everything, which I don't like. If I did I'd use Google.
The thing I pay for is Tuta. The cheapest tier is way more generous than Proton and the product is simpler.
I have also been using Tuta for years. No complaints
I have the exact opposite opinion. I use proton business together with their email, vpn, calendar, drive (on macOS), password manager etc. and switched specifically because of their encryption, data protection and fulls-size feature bundle. Plus, I migrated vom Office365 and it became a shitshow to manage and was full of bugs. And I had a separate bitwarden subscription, and a separate VPN subscription. Now it is one package, much preferred.
Oh yeah, having your passwords online is a great idea /s
It is, if they are encrypted. Without a password manager, I would inevitable have to reuse the same passwords over and over on my hundreds of different accounts. With a password manager, they are auto-generated random gibberish. And yes, even when using 2FA, you should have different passwords for all accounts.
Bitwarden, OnePassword, LastPass, Proton Pass etc. are password managers with dozens of millions of users that agree.
It's not, because the world we live in isn't binary. It's not true that "it's encrypted therefore nothing can go wrong". Putting your password manager online increases the risk of an accident.
And just because millions of people think this is a good idea, doesn't make it a good idea. Millions of people also reuse their passwords and that doesn't make it a good idea either.
Of course it is a tradeoff between security and usability. Not putting your passwords online forces you to either remember all passwords (which will lead to re-use) or you will be only available to access your accounts (and thus most of the internet) from your home. Or you will have to come up with elaborate system how to carry your passwords on some kind of secured device etc. A password manager (alongside 2FA) is a very good security/usability compromise for a lot of people. YMMV.
Funny they mentioned the GitHub email. I got the same one and unsubscribed from every GitHub email immediately. I wonder if they track how fast people unsubscribe after opening particular emails.
They do. Companies will track app uninstalls also.
I had a similar issue with Microsoft today. They obviously invented a new "Copilot Newsletter" and subscribed my address to it, without my consent.
I wonder what the legislation says (I'm in Germany). I know that some business related mails are deemed legal, but this seems to clearly cross the line.
UK legislation says it is illegal. MS are serial offenders and the UK regulator has charged them not once.
Same. Posted a comment about it [0]. I already filed a GDPR and ePrivacy compliants. Happy to share notes. Contact details in my profile.
Cross the line? It all seems a tad dramatic to me.
You've been subscribed to some new marketing mail list against your wishes, from an existing service.
Not great, but as long as the unsubscribe button is working and this does not occur repeatedly, it just seems like not such a big deal.
To me it seems like some users demand a way to block any messages about AI because the topic sends them over the edge for political reasons. That's not a reasonable expectation.
no unsubscribe button in this MS Copilot campaign. And they’re trying to gaslight like it’s some essential notification when it’s clearly and blatantly unnecessary marketing spam.
Of course it appears repeatedly. It occurs every single time they run a new marketing campaign.
Odd, I didn't even know Proton had an AI feature until I read this article. Didn't get an email or tooltip while using the app. Didn't previously explicitly opt-out either, and when I check my notification settings, Lumo product updates is set to disabled.
Maybe someone's feature gate isn't working as intended?
I did get the Github Copilot spam email today though.
Me neither, it's probably related to OP having a business subscription
I do think the same too, I have a Proton subscription (non-business), my "Lumo Product Updates" is toggled OFF and I've never received a single Lumo email so far.
I have often found proton’s intrusive marketing campaigns annoying.
I use them for email and that’s all I want. Every time they market some new product to me, I get closer to moving to a new provider.
I canceled my subscription, and deleted my account due to the nagging and promotional annoyances.
I've contacted the support, but they basically don't care.
There are not multiple ways to fight back against this behavior. I am now with mailfence until they start the same circus.
Great timing: I just received a Copilot spam email from GitHub. I don't remember opting in to such marketing communications, instead I generally opt-out from such communications as soon as I sign up to a service...
Same here. They created a new newsletter and added you to it without your consent.
Proton should pay that guy for his rage post. First time I’ve heard about Lumo, will certainly try it out!
Trust is maybe the most valuable commodity for a VPN provider… And I have the feeling Proton is gambling it away.
It made me move to Mullvad.
Despite the fact that in terms of performance Proton is slightly better. (underscoring just *how* crucial ‘trust’ is)
> Proton for Business newsletter
AFAIK you are legally allowed to spam businesses, but not individuals. A handy get-out clause for marketeers.
How do you know the address you’re emailing belongs to a business? The head of A&A ISP in the UK used to regularly win ~£100 judgements in small claims from spammers because his personal email was leased for a nominal fee from aa.net.uk, the same domain as his business.
OP had checked that they would like to receive the "Proton for Business newsletter", and on that basis was deemed a "business".
If your email is used as a contact on Business subscription it is safe to assume that it is used for business purposes.
I mean that's cute and all, but it's a party trick, and very unlikely it caused any actual behaviour to change.
When I migrated my email from Gmail, I took a careful look at Proton and Fastmail.
Proton's very questionable design and claims around encrypted emails and their service offerings made me concerned, which were the main reasons I went with Fastmail.
So far it has worked well, and I hope it stays that way.
Same here. Tried out Proton and Fastmail, and chose Fastmail. Been happy with it for a few months so far.
I'm so fed up with Proton. I will be taking my business elsewhere. Instead of making a great product for X, they've decided to make a series of extremely mediocre products for P, Q, X, Y, Z and W, all of which are left missing the most basic features for years. Features which even the free alternatives already have. Things like supporting unicode in email headers without having to use punycode, creating mailboxes from sieve filters and a bunch of other sieve expansions, and decent, portable, non-bugridden integration with email clients. Protondrive has such dogshit speeds it's basically completely useless. The nat-pmp support on their vpn servers is very strange, and it took me a couple weeks to craft a script that could handle all of its idiosyncrasies, none of which are documented. I haven't even bothered trying their calendar, password manager, or the Yet Another AI Service they keep sending me upselling emails for. I don't need any of those things, but I'm sure they have similarly lacklustre feature parity.
Doesn't help that when i notify them about these things, their support people just gaslight me. "I've notified our development team about this". Then nothing happens. I told them about the speed issue with protondrive when it was new, that was years ago now. Still not fixed, no updates, nada.
I will be moving to something like fastmail, plus some other vpn service, since those are the only two products of theirs I'm actually using. It seems like I'll get a far better product in both cases for almost half the overall cost.
The 'not technically a Lumo email' dodge is the real story here. When you create a product category specifically to bypass user preferences, the opt-out mechanism becomes performance rather than policy. This isn't unique to Proton or AI - it's the inevitable result of conflicting incentives. Marketing teams are measured on engagement, not consent satisfaction.
This is good timing actually. I've been self-hosting SimpleLogin for a while but was considering the lifetime subscription to Proton to get it (it comes with ProtonPass but I selfhost VaultWarden).
Last week I logged into my Proton mail that I'd used last year for some government contact to get the dates, and they'd deleted the account for inactivity. Ok, I don't pay, they're entitled. But now I see this and I think maybe I'll save the $150 or whatever it is.
I've been using Fastmail for years now, and I'm completely satisfied. Custom domain + built-in masked email functionality works great.
The FM Masked Email is insecure in that there is a circumstance under which it can leak your real email.
Legit point and agreed with everything, however wait until an email address of yours reaches the database of lead generation websites and you will see that you will never be able to keep count of the violations. Newsletter lists add your email in automatically and people sell you stuff without the unsubscribe button in the email, so no way to block them... I understand your concern but dealing with far worse
I got the same email on the same date. Unsubscribe told me it was from the 'important announcements' list - I fail to see how this could possibly fall into that category.
I guess I can't have important announcements from Proton in the future if it's polluted with these low value messages.
Even more hypocrisy:- if you have Proton Unlimited subscription, Lumo AI will be limited, not remembering conversations. And when it’s promoting you to upgrade, mentions in the same message that your Lumo is limited while you have Unlimited subscription.
I’m not sure it’s quite fair to call this hypocrisy. Lumo was introduced separately after the Proton Unlimited subscription, and it was never claimed to be included in Unlimited (they also have a handful of other products like Standard Notes that are not included)
Every company seems to scramble trying to sell AI based products they have invested in so heavily, disregarding whether anyone needed them at all in the first place.
This AI thing is going to implode so hard.
Lumo is not end to end encrypted. The model is in some kind HSM? Are those trusted?
If they are, I see some people might be interested.
Hey, Proton CTO here. There was a bug, and we fucked up. Support should have reported it up the chain and acknowledged this. Things happen, especially at scale, but we take comms consent seriously and will fix it.
Thanks for acknowledging it. Your support team misattributed the email to Business category. It may help to have the exact name of subscription category in the footer of the message.
That's not a bad idea, I'll see what people think. Note that clicking on the unsubscribe link will unsubscribe you to whatever comms preference was specified in the sending and tell you what it was.
Thanks. Well done.
I also received the email from github about AI that the author mentioned. No matter what you do, they will keep pushing the AI slop onto you.
For me, these kinds of emails especially stick out, because I like to keep my proton inbox clean and unsubscribe from everything I can.
> I don’t know about you, but I think that’s baloney. Proton Support had five full business days to come up with a better excuse. Please tell me, how can I have been any more explicit about opting out of Lumo emails, only to receive “Try Lumo” “From Lumo”, and be told that is not actually a Lumo email?
As someone who is in support in tech (not proton) I can tell you exactly what happened.
Day 1 they already knew which email it was, they probably had other tickets about this, they probably had an open discussion about this with marketing/product team.
Day 2-4 was the support agent arguing with marketing/product about how it's absolute bullshit to send out a AI newsletter when the user has it unticked and what they are going to do so it doesn't happen in the future.
Day 5 is marketing/product telling them that this is Working as designed and theu aren't going to stop this in the future. This is the day the support person works on this email with their team and potentially their manager.
It goes through a couple of "rewrites" for liability/protecting ass. The end result is the email you got, they know you are going to give a bad CSAT/NPS survey and it's going to kill their metrics.
They want nothing more to write and email that says, "Sorry marketing and product are fucking idiots and can't read. I fought for this to be disabled, but told me it's not going to happen, sorry" but culture and then not wanting to lose their jobs is why they didn't send this.
I really hope you didn't give them a bad survey.
I hope they sued
This make me think of the GitHub spamming issue.
See, my GitHub email is not my main address, and when I got some it's either from a user of one of my repository or from a marketing team that extracted thousand of address from starred repositories to fake genuine email with my name and all.
The things is, it's always a less than stellar product. It started with NFTs, calm down for a bit and now came back with a vengeance with AI startups.
I guess it's a number game for them but I can't comprehend their lack of value, same for those peoples that subscribes to everyone just to gain a sub back (and judging by the number, a lot of people sub back without thinking about it, so it works).
Damn I despise that marketing-bussiness hellscape that the internet slowly morphed into along the years. We can't have nice things because there will always be a prominent proportion of us that would exploit it for personal gain and we would do collectively nothing against it, for the name of liberal economic or something. And forward the enshitification goes.
Funnily, Proton was supposed to be the anti-Google, wasn't it? Maybe some of "Proton's not in the US, so not subject to scary NSA warrant canaries"
Except... Gmail has handled spam pretty well? And at least if you do get Spam they actually tell you: https://news.ycombinator.com/item?id=6090712
I dislike Proton's excessive marketing on privacy and encryption topics, especially in their posts on X, where they always claim that accessing the internet without a VPN is a bad thing. It reminds me of Crypto AG.
Everyone would be happier if they just focused on good products instead of excessive marketing. I'm tired of seeing their privacy slop all the time.
Implementing this sort of “functionality” is always the department of a junior team, so that the obvious sorts of questions about defaults can be answered with “a junior dev was responsible for the implementation and messed up”, even though the mess up was by design.
There's one recruiting company I had contact with in 2017 (pre-GDPR, with no checked consent after) and they keep sending me marketing-disguised-as-GDPR emails. "Reply to tell us you want to keep hearing about our career insights newsletter that you never signed up for, or we'll delete your data in 30 days".
In the end I got sick of them repeating this and never deleting the data, so I sent them a SAR. I don't care what data they have but if they want to play the GDPR game so do I.
Here we are! Day after day, I realize that even smaller tech companies suffer from or could not resist the temptation of Enshittification[1] once they start gaining some momentum. I feel this path had became inevitable since everybody is doing this, at scale. I barely could recall some names that stuck to their original motto over time.
____________________
You do what makes money, or you are eliminated from the game. Such is life in capitalism.
I’ve had a similar experience when signing up for Office365 and started getting promotional emails to CoPilot. These (2) emails were without an unsubscribe option.
I contacted MS support and after some back n forth they claimed it was a transactional email that doesn’t require consent or opt out.
Clearly promotional and not necessary but they won’t listen.
I’m in the process of filing GDPR + ePrivacy complaints, but it’s a tedious process, unlikely to do anything.
Lumo will likely be the thing that moves me away from Proton. I've been pretty happy with it, ever since they made the photo's app actually have shareable libraries it's been just as good as any other Google Mail/Photos/Files thing I've used. The password manager plugin for firefox isn't as good as bitwarden, but when you're paying it's part of the package so... If I have to encrypt my files before I use the drive, and they continue to build their AI spy into everything, though, then what is the point really?
Anyway, it is sort of hilarious to report Proton as spam to Proton.
> I've been pretty happy with it, ever since they made the photo's app actually have shareable libraries it's been just as good as any other Google Mail/Photos/Files thing I've used.
Glad to hear you found a service that's useful to you!
> If I have to encrypt my files before I use the drive, and they continue to build their AI spy into everything, though, then what is the point really?
That would be concerning indeed, but there is no such integration today and it seems unlikely they would integrate non-local models into drive. Even on the mail side, any use of LLMs is optional, opt-in, and limited to text production (i.e. no training on your inbox).
It's bewildering to see privacy-focused companies like Proton and DDG jump on the AI train. I guess privacy is just a vehicle for attracting early adopters, and all those principles fall apart once their user base becomes large enough.
What's the issue with a privacy-focused AI assistant that doesn't store all your data?
And completely optional.
I also get pretty pissed of just ignoring gdpr, i just started to downright threaten them on support channels reminding that ignoring gdpr may cost them 2% of annual company turnover or 2 mil. eur, whichever is higher.
You would be surprised how many ridiculous "oh sorry some error in system" excuses you're gonna get. Right, that email accidentally slipped INSERT INTO spam slop database on its own.
And since i started to not explicitly opting in anywhere i know that when i receive a marketing email its abuse of my personal information. Under gdpr you need to explicitly consent to marketing communication. When you register to a service and receive spam you need to opt out from - that's an abuse. Some company try to argue they do so under "legitimate interest" clausule but that's bs and would not hold in court. For example, purchasing a product is not a valid legitimate interest for sending out eshop spam, they would lose.
When the incident repeats or i just get really pissed i go full karen and report them to authorities. I know two busisses had legal troubles because of me because i received deeper follow up emails while solving the case and i am happy for it.
One company that abused my personal data that i ended up not reporting was Telekom: when i contacted their support about spam incident and asked them for log of personal data and all of my consent logs and physical signatures to prove my consent, after which they said "it was a db error" (lol), and when the incident repeated i told them i am about to report them and they offered me 1 year of free internet - i said ok and never received a single spam from them ever again.
Fight back, you have the screenshots, you have the logs, ask for proof, report.
You can take the 1 year free internet, and then report them. It's not legal to commit a crime and then bribe someone not to report it.
I lost all respect for Proton. They've been running ragebait ad campaign on Facebook, maybe also on other media, I don't know that, with that rage especially targeted at Google, spreading fake information and hate.
could you tell more details or links about that ?
Ever since my first interaction with their support is was clear that they DGAF about usability improvements that I'd care about. Time to build an alternative I guess.
"Never attribute to malice that which is adequately explained by stupidity" - Robert J. Hanlon
If you ever tried to setup a martech stack you konw what a PITA is to comply GDPR without any error
File under "some business bro had this classified in the wrong newsletter". I don't see the big deal and I don't extrapolate this into some systemic disease with marketing emails.
They do it every single newsletter?
That's pretty petty, their response actually makes sense. I hope you get over it.
I'm with proton on this tbh. It's not a lumo update, it's an attempt to tell people who don't use lumo about it's existence. Maybe it's not something you want to read but an email saying "hey, have you heard of this thing called lumo" is not something you'd send out to existing lumo users
> but an email saying "hey, have you heard of this thing called lumo" is not something you'd send out to existing lumo users
But it is an e-mail you send out to people who have specifically went out of their way to indicate to you they do not want you e-mailing them about Lumo?
Over in the Proton subreddit we've been wondering if there is currently some kind of Anti-Proton campaign going on. Constantly people will loudly complain about completely benign things and get lot's of people agreeing with them.
