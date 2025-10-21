Introduction: Trust, Secrecy, and the Privacy Paradox

On September 15, 2021, a privacy activist received a reply from the Central Intelligence Agency. The question was direct: Had the CIA funded or investigated Switzerland’s ProtonMail, a service trusted by millions for encrypted email? The response could not have been more cryptic—or dismissive: “We can neither confirm nor deny.” For privacy advocates, this language—familiar to intelligence watchers—was not reassurance, but a warning siren.

This moment is not isolated. Forty years earlier, Switzerland’s Crypto AG built encryption devices sold to over a hundred nations, only for global secrets to be siphoned off by the CIA and German BND in a covert partnership that endured for decades. Meanwhile, powerful media baron Robert Maxwell helped ferry the Promis surveillance software—reportedly modified with secret backdoors for Israeli access—into the hands of governments worldwide, laying a foundation for the software-based espionage that defines today’s digital conflicts.

These scandals shattered the idea of a neutral, trustworthy marketplace for privacy technology. Instead, they exposed how secrecy—coated in technical claims and national branding—can be weaponized by intelligence interests for years before users ever suspect a breach. The rise of ProtonMail, VPN providers, and encrypted apps represents not just technological progress, but a continuing contest: Can privacy exist within systems subject to hidden powers, covert deals, and the logic of Cold War subterfuge?

This article follows those threads, tracing the shadowy lineage from Crypto AG and Promis to today’s battles over secure communication, and asks what it would truly take to regain trust in a world where secrecy itself—by design or by denial—remains paradoxically public.

II. The CIA, FOIA, and ProtonMail: An Evasive Trail

In mid-2021, a routine exercise in transparency collided with the impervious wall of intelligence secrecy. Seeking clarity, a ProtonMail user invoked the Freedom of Information Act, requesting that the CIA disclose any records—direct or indirect—relating to Switzerland’s best-known encrypted email provider. The reply, relayed through ProtonMail and later made public by Swiss digital rights lawyer Martin Steiger, began with a statement that immediately set the tone: “We did not locate any responsive records that would reveal a publicly acknowledged CIA affiliation with the subject”—and in the same breath, the agency added that any information about the very existence or nonexistence of further records “is currently and properly classified.”

This “neither confirm nor deny” formula, a longtime hallmark of intelligence correspondence, is more than bureaucratic habit. For critics and transparency advocates, the phrase serves as both shield and warning—signifying realms of activity the public is not permitted to know. The practical result is a permanent ambiguity; the CIA’s refusal to confirm, deny, or clarify breeds precisely the kind of suspicion that privacy-focused services like ProtonMail hope to avoid.

These anxieties only heightened when—almost simultaneously—ProtonMail quietly changed its once-absolutist privacy commitments. In September 2021, investigative reporting revealed that the company had, under legal pressure, begun logging IP addresses of targeted users at the request of European authorities, directly contradicting earlier marketing assertions that it did “not keep any IP logs”. Public scrutiny intensified when it became clear that ProtonMail’s privacy policy had already been altered to remove such guarantees. For observers who remembered backdoors and betrayals of the Crypto AG era, the perception was clear: in the high-stakes world of intelligence and digital privacy, official assurances and public-facing policies remain subject to sudden—and sometimes invisible—change.

III. Swiss Neutrality and the Crypto AG Scandal

For decades, Switzerland carried a global reputation as a neutral haven for both diplomats and digital privacy. This aura of impartiality was central to the international credibility of Swiss technology firms—particularly Crypto AG, a Zug-based company whose cipher machines were trusted by over a hundred governments, militaries, and intelligence agencies worldwide. With their “Swiss-made” label, Crypto AG devices symbolized security and discretion in an era dominated by Cold War intrigue.

Yet behind this trusted façade, a secret arrangement—later exposed by joint investigations—had installed a backdoor vulnerability at the heart of global communications. In 2020, it was revealed that Crypto AG had been quietly acquired and controlled by the CIA and the German BND since 1970. This covert ownership allowed American and German spies to systematically intercept sensitive transmissions from more than 120 countries from allies and adversaries alike. Over decades, critical diplomatic communications, military orders, and law enforcement messages were siphoned to Washington and Berlin without the victims’ knowledge—a massive breach of both trust and sovereignty.

The Crypto AG affair stands as a defining case of how “neutral” brands can be weaponized and how international norms can be subverted by intelligence priorities. Its exposure not only damaged Switzerland’s image as an honest broker, but also left lasting scars on the credibility of global technology supply chains. For privacy advocates, the lesson remains stark: even the most trusted and “independent” companies can harbor secret allegiances, turning the ideals of neutrality and security into tools for unparalleled surveillance.

IV. Promis Software: Technology, Espionage, and Robert Maxwell

The global trust placed in “secure” technology was further eroded by another shadowy saga: the story of Promis software and its mysterious journey through the corridors of intelligence and power. Developed by the American firm Inslaw in the early 1980s, Promis began as a powerful case-management tool for prosecutors. What set it apart, however, was not just its capability to cross-reference vast databases, but its alleged adaptation by intelligence agencies—reportedly modified to include secret backdoors that allowed covert access by Israel to any system it touched.

At the center of its global proliferation stood Robert Maxwell, the larger-than-life British media mogul with well-documented ties to multiple intelligence services including the Mossad. Leveraging his publishing empire and international influence, Maxwell is widely reported to have played a pivotal role in selling and distributing both legitimate and compromised versions of Promis to governments and security services around the world. According to multiple investigations, these modified programs ended up in the hands of ministries, police, and intelligence agencies stretching from South America to the Middle East—granting Maxwell’s Masters unparalleled access to sensitive law enforcement and military information.

The Promis affair did not just reshape perceptions of technological trust; it created the operational playbook for future digital espionage. In Maxwell and Promis, the intertwining of transnational business, covert alliances, and technological sophistication was starkly revealed. The true extent of the breach remains debated, shrouded in both legal disputes and the suspicious circumstances of Maxwell’s death in 1991. But the lesson endures: in the world of surveillance technology, even the most advanced and lauded privacy tools can be weaponized by those operating in the shadows.

V. Modern Infiltration: Palantir, Keyhole, In-Q-Tel, and the Intel-Tech Complex

As history reveals, government infiltration of the private tech sector did not end with Crypto AG or Promis. In recent decades, new models have emerged—often less clandestine, but no less consequential in their impact on global surveillance and user privacy. A notable example is Palantir Technologies, founded in 2003 with early funding from In-Q-Tel, the CIA’s venture capital arm. Palantir’s software, now widely used by intelligence, military, and law enforcement agencies around the world, exemplifies how intelligence services directly nurture private companies positioned at the crossroads of data analytics and surveillance.

Another significant case is Keyhole, Inc., the company behind the mapping technology that evolved into Google Earth. Keyhole’s software was initially developed with support from In-Q-Tel and the National Geospatial-Intelligence Agency, and the very name “Keyhole” referenced a famous CIA satellite program from the Cold War era. When Google acquired Keyhole in 2004, it brought state-originated geospatial intelligence tools directly into the hands of the global public, blurring the boundary between civilian usability and intelligence origins.

In-Q-Tel’s portfolio now includes hundreds of companies focused on cybersecurity, AI, biometrics, and big data—sectors that shape everything from encrypted messaging to border control systems. While a small number of investments are publicly acknowledged, most relationships between intelligence agencies and tech innovators remain discreet, shielded by legal agreements and complex corporate structures. The continuing entanglement of intelligence agencies and the commercial privacy sector—often justified under the banner of national security—raises fundamental questions of oversight, accountability, and the true independence of privacy technology in the modern era.

VI. The Shadow Market: Private Surveillance and the First Wap Empire

While high-profile surveillance scandals have often centered on state-backed intelligence operations or Western-founded technology giants, recent investigative reporting has unmasked a parallel phenomenon: rogue private companies exploiting regulatory loopholes and antiquated global telecom systems to sell potent surveillance as a commodity. The case of First Wap, based in Jakarta but led by European entrepreneurs, highlights how powerful phone tracking and interception tools—such as the “Altamides system”—can enter markets far beyond the reach of traditional export controls, judicial oversight, or democratic accountability.

First Wap’s Altamides system operates differently from notorious spyware like NSO Group’s Pegasus. It leverages vulnerabilities in SS7, a foundational protocol in global telecommunications, allowing access to real-time geolocation and metadata for nearly any cellphone, without leaving forensic traces or requiring user interaction. Unlike malware, Altamides’ technique is nearly untraceable and does not degrade device performance, meaning targets from Vatican whistleblowers and dissidents to Silicon Valley executives and journalists may never detect the intrusion.

The scope of First Wap’s operations, as revealed by Lighthouse Reports and international media partners, is staggering: persistent monitoring of political enemies, corporate rivals, celebrities, activists, and even private citizens—often at the behest of authoritarian clients or corporate interests. Documents and archived tracking data reveal targeting in over 100 countries, with examples ranging from Gina Nuzzi (the “Vatileaks” journalist) to Erik Prince, defense industry officials, and ordinary people swept up for personal vendettas.

Unlike its Western competitors, First Wap’s operation flourishes thanks to regulatory arbitrage: it is legally shielded by Indonesia’s permissive export regime, routes contracts through third-party shell companies, and markets directly to foreign governments and private clients via layers of opaque resellers. Internal company communications show deliberate strategies to evade sanctions and legal constraints by “never knowing” the final user, and devoting substantial effort to providing technical demonstrations—including live attempts to track individuals for buyers from autocratic regimes.

Civil society analysts, like Citizen Lab’s Ron Deibert, argue this proliferation of “despotism as a service” poses a grave threat to democracy, rule of law, and individual safety. The First Wap exposé demonstrates that the technical and legal vulnerabilities that enabled the Crypto AG and Promis scandals are not ghosts of the past but manifest, flourishing realities—only less visible, and frequently unregulated by any national authority.

VIa. The Global VPN and Privacy Market: Promise and Peril

As mass surveillance capabilities became more public, millions of users turned to privacy-focused services such as VPNs and encrypted email to shield their data from state and corporate scrutiny. Yet the global privacy market itself has become a magnet for consolidation and covert influence, often mirroring the very patterns of infiltration seen in previous decades. A prominent example is Kape Technologies, a British-Israeli company that has acquired several major VPN providers—including ExpressVPN, CyberGhost, Private Internet Access, and Zenmate—raising questions about data security and the true independence of popular privacy tools.

Observers such as cybersecurity analyst Felix von Leitner (“Fefe”) have warned that the consolidation of VPN providers under companies with intelligence links could centralize vast streams of sensitive user data, making it potentially easier to intercept or monitor, particularly in jurisdictions with aggressive intelligence agencies. Unlike end-to-end encrypted messaging apps, VPN providers—and by extension the parent companies that own them—can access user metadata and, in some cases, decrypted traffic at key network points.

Proton Technologies, the parent company of ProtonMail, entered this landscape with its own offering, ProtonVPN. Despite its Swiss legal foundation and strong marketing around privacy, Proton’s past cooperation with law enforcement and evolving transparency policies reveal how even the most trusted brands can be subject to shifting legal and geopolitical pressures. For users hoping for a secure digital refuge, the VPN market’s rapid consolidation and opaque ownership structures highlight the persistent tension between privacy, business interests, and the enduring reach of intelligence priorities.

VII. Legal Frameworks, Transparency Battles, and Swiss Law

Switzerland’s reputation for strong privacy protection is grounded in a robust legal framework, but recent developments have exposed the limits—and evolving ambiguities—of these safeguards in the digital era. Swiss law traditionally shields user data from foreign investigators, requiring strict legal process for cooperation with international authorities. In practice, however, mutual legal assistance agreements and increasing global pressure have complicated the country’s neutrality and privacy commitments.

ProtonMail’s recent controversies illustrate how rapidly legal interpretations can shift. In 2021, the company faced heavy criticism after disclosing it had logged user IP addresses for a case initiated by French authorities and relayed via Swiss legal channels. While technically in compliance with Swiss law, this event contradicted earlier marketing emphasis on absolute privacy, and spurred immediate changes to ProtonMail’s privacy policy and transparency reporting practices. Digital rights lawyers such as Martin Steiger have emphasized that even in Switzerland, providers of encrypted or privacy services are often compelled by court orders to take actions that may surprise or dismay their users.

The interplay between Swiss privacy law, evolving international agreements, and the pressure from law enforcement and intelligence agencies ensures that “absolute” privacy is ultimately shaped by a blend of legal, political, and corporate calculation. As transparency reports become more detailed yet less absolute, consumers are left to parse nuances and adapt to a reality where rules—and disclosures—may change at any time.

VIII. Lessons from the Past: The Promis Blueprint for Contemporary Surveillance

The story of Promis, Robert Maxwell, and Crypto AG offers more than historical scandals—it provides a living blueprint for today’s debates about trust and vulnerability in privacy technology. Just as Promis enabled hidden access to law enforcement and diplomatic systems worldwide, contemporary surveillance strategies often rely on behind-the-scenes partnerships, forced legal compliance, or undisclosed backdoors embedded in widely used digital tools. The lessons of previous intelligence operations reverberate: Trust—whether built on “neutral” branding, robust privacy law, or technical sophistication—can be subverted when states claim overriding interests in security, law enforcement, or national defense.

Recent developments in Switzerland are stark examples of this pattern. Proposed revisions to the Federal Act on the Surveillance of Post and Telecommunications (BÜPF) would require providers with more than 5,000 users to deliver detailed metadata to authorities in real time and facilitate rapid compliance with investigative requests, deeply undercutting the data-protection norms that previously distinguished Swiss services. Even secure providers like Proton have started relocating infrastructure and reassessing commitments in response to the increasing legal burden of surveillance, as the boundaries of “privacy by design” are redrawn under state pressure.

The enduring takeaway from these case studies is clear: when oversight is weak or legal standards are undermined, the ideal of privacy becomes a shifting target rather than a guarantee. As governments across Europe and beyond tighten compliance, the line between private security and public vulnerability has never been more fragile.

IX. Addressing Criticism: Denials, Disputes, and the Limits of Evidence

Each time a scandal emerges about mass surveillance, compromised privacy technology, or the quiet reach of intelligence agencies, companies and officials rush to offer assurances or outright denials. Proton, for example, maintains that its privacy protections remain guided by Swiss law and that its compliance with law enforcement requests is strictly court-ordered and transparent. The company argues that even as pressure grows, core features like end-to-end encryption and minimal data retention policies have not fundamentally changed—except where compelled by new legislation. Kape Technologies and other large VPN conglomerates likewise reject allegations of collusion or intelligence influence, pointing instead to their transparency reports and third-party audits.

Government officials portraying the expansion of Swiss surveillance regulations claim they are merely updating laws to keep pace with technology and to enhance national security in a digital age. Critics, however, warn that the lowering of privacy standards—particularly the requirements to log IP addresses, demand identification from users, and reduce compliance deadlines for data requests—destroys Switzerland’s historic role as a privacy haven and creates new risks for activists, journalists, and ordinary citizens. Privacy advocates highlight that the very existence of legal requirements for providers to “disable encryption” on demand, and the shift to executive rather than parliamentary oversight for new surveillance rules, fundamentally undermines trust.

Ultimately, these debates underscore the core dilemma: Without independent, public documentation, and amid rapidly changing legal frameworks, consumers must navigate a maze of claims and counterclaims. Official denials offer little comfort when the very structure of modern law—and the enduring lessons of history—show how quickly privacy guarantees can become obsolete or illusory.

X. Conclusion: What Lessons Remain Unlearned?

Swiss lawmakers once prided themselves on fostering the world’s “safe haven” for digital privacy, but sweeping legal changes in 2025 are pushing even the most respected privacy tech firms to reconsider their future in the country. With new surveillance ordinances mandating providers to collect user identification, retain metadata for up to six months, and in some cases, disable encryption, Switzerland’s global reputation for neutrality and discretion is quickly eroding. These requirements now threaten not just the viability of privacy-oriented startups, but also the safety and anonymity of journalists, dissidents, and ordinary citizens who rely on such services.

As Proton moves much of its infrastructure out of Switzerland in response, and digital rights groups warn that the country’s standards could soon fall below those of both the EU and the US, a chilling pattern emerges: Privacy, once considered a bedrock right, always stands on shifting legal and political ground. Whether it was Crypto AG’s compromised machines in the last century or today’s forced data retention and mandatory decryption, each chapter reveals that trusted privacy tools can be subverted the moment higher state interests dictate.

Perhaps the most enduring lesson from Crypto AG, Promis, and the modern Swiss surveillance crisis is that privacy is never fully guaranteed—only temporarily negotiated. So long as oversight is weak and intelligence priorities override legal safeguards, secrecy will remain as vulnerable as the institutions and technologies designed to protect it.

XI. Reference List (last accessed Oct. 20, 2025)

