Skip to content
Tech News
← Back to articles

Proton meet isn't what they told you it was

2026-04-03 | original
read original get Proton VPN Service → more articles
Why This Matters

Proton Meet's claim of providing a privacy-safe video conferencing alternative is misleading, as it relies on US-based infrastructure governed by the CLOUD Act, which can compel data disclosure to authorities. This highlights ongoing challenges in ensuring true privacy and compliance in cloud-based communication tools for consumers and organizations alike.

Key Takeaways

Proton built Proton Meet to escape the CLOUD Act. They built it on CLOUD Act infrastructure. Their website promises "not even government agencies" can access your calls. The company routing them hands your call records to the government when asked. Proton hid them from their privacy policy.

Proton’s launch blog post for their new video conferencing product contains this paragraph: “laws like the US CLOUD Act can compel US-owned video conferencing platforms to hand over any data they store, even if the servers reside outside of the United States. This creates serious compliance challenges for organizations bound by GDPR, CCPA, or similar data protection laws. That’s why we’ve created Proton Meet.”

Listen to this article 0:00 --:-- 1x Failed to load audio

The pitch is that Zoom, Google Meet, and Microsoft Teams are CLOUD Act-subject, and Proton Meet is the safe alternative. Their blog describes the result as “as private as meeting in person.” I spent the launch day investigating that claim. Proton Meet is built entirely on LiveKit Cloud, a US company whose contracts are governed by California law, subject to the CLOUD Act, with an infrastructure chain made up exclusively of American companies.

The disclosure is in Proton Meet's own privacy policy: "Proton Meet relies on infrastructure providers LiveKit Cloud to deliver real-time video conferencing. LiveKit Cloud handles the transmission and routing of data."

LiveKit Cloud is a California-incorporated commercial infrastructure vendor. Their terms of service specify that all disputes are governed by the laws of the State of California, with venue in the federal or state courts of Santa Clara County.

Their privacy policy explicitly acknowledges FTC jurisdiction and states the company will "access, preserve, and disclose your information" to comply with "law enforcement requests, national security requirements, and legal process, such as a court order or subpoena," the exact scope of the CLOUD Act. Proton built their CLOUD Act escape hatch on CLOUD Act infrastructure.

Their security model page compounds this by stating "We utilize a distributed network of data centers around the world like we do for Proton VPN," implying Proton owns and operates the call infrastructure.

The Meet privacy policy confirms LiveKit Cloud handles it. Those data centers belong to DigitalOcean, Google, and Oracle, all American companies under LiveKit's operational control.

I confirmed this at the network layer during a live session. After running ss -tnup to capture a connection baseline, a Proton Meet session in Brave showed active connections to 161.115.177.32 on port 443, a LiveKit-owned IP block (ARIN OrgId LIVEK) hosted on Oracle Cloud Infrastructure, Phoenix, Arizona (AS31898). When a second participant joined with video, a connection appeared to 44.224.75.233 , which resolves to ec2-44-224-75-233.us-west-2.compute.amazonaws.com , an Amazon EC2 instance in the us-west-2 Oregon region.

... continue reading

Explore topics: proton meet cloud act livekit cloud proton california
Related:
California just hit an inflection point for batteries
Show HN: European alternatives to Google, Apple, Dropbox and 120 US apps
This California Billionaire Wants to Tax AI Tokens to Create a Sovereign Wealth Fund
Proton Meet Isn't What They Told You It Was
Delivery Robot Companies in Trouble as Bot Become Targets for Vandalism

© 2026 GoKawiil

About | Editorial Policy | Contact