We are not abandoning Hong Kong

Posted on July 16th, 2020 by in Articles & News.

 

Update: Our Hong Kong campaign is now underway. Learn more about how you can support freedom in Hong Kong.

On July 6, Chinese authorities forced through Article 43, a collection of new regulations that gave Hong Kong law enforcement sweeping online surveillance and censorship powers. These rules are an extension of China’s National Security Law, which cracks down on “separatism, subversion, terrorism and foreign interference.”

These laws give Hong Kong police the ability to put people in prison for sharing content online that the government considers “offensive” and foreshadow increased surveillance. There is little doubt the Chinese government will use these exceptional powers to crush Hong Kong’s pro-democracy movement and strictly curtail the freedom of expression.

In light of these developments, we have carefully considered whether Proton VPN will continue to maintain servers in Hong Kong. After much deliberation, we have decided to keep our servers in Hong Kong, not only because we believe we can keep them secure, but also because we believe in fighting for Hong Kong.

Why Proton VPN is staying in Hong Kong (for now)

We are outraged at the new measures enacted by Chinese authorities, but they are not a surprise. We have always had concerns about such an outcome and have long designated Hong Kong as a high-risk country when it comes to VPN security. As a result, our policies for high-risk countries have long been in effect in Hong Kong, allowing us to mitigate certain risks, which we discuss in more detail below. 

In light of the significant challenges facing freedom of speech in Hong Kong today, the easiest (and by far cheapest) thing to do would be to shut down our server network there. However, at Proton, we have never focused on doing what is easy, but on doing what is right. Our longstanding policy is to leave countries rather than compromise our values. However, it is not our policy to leave without putting up a fight. 

If any measures are enacted to pressure Proton VPN into compromising the privacy or security of the users of our Hong Kong servers, we intend to challenge those measures in a court or another appropriate venue first. If it subsequently becomes impossible to ensure an appropriate level of privacy or security, we would indeed shut down our servers in Hong Kong. However, we think that preemptively abandoning Hong Kong to its fate without even a symbolic resistance sends the wrong message to authoritarian governments around the world that would seek to deny people their fundamental rights.

How we are securing Proton VPN servers in Hong Kong

We should first state the obvious: Under current regulations, Hong Kong is a high-risk location, and we would not generally recommend using servers there if you are handling sensitive content or communications. Proton VPN has one of the most geographically diverse VPN server networks available, and we maintain servers nearby in Taiwan, where we have an office. We also have servers in Singapore, Japan, South Korea, and Malaysia, all of which are also in the region and support low latency connections with Hong Kong.

However, if you would like to use the servers in Hong Kong, we have implemented a number of safety measures to keep them secure. First, we offer Secure Core VPN, which routes your traffic through special, hardened servers in countries with strong data protection laws (in this case, Sweden) before connecting you to a server in Hong Kong. This makes it extremely difficult to track Proton VPN users.

Learn more about Secure Core VPN.

Second, we have experience maintaining servers in high-risk countries, and in fact, we specifically designed Proton VPN to help people protect their privacy in the face of pervasive surveillance. We have a strict no-logs policy, and there is no personally identifiable information stored on any of our VPN servers. This means that even if the Hong Kong servers were to be seized or compromised by the authorities, they would not contain any information that could compromise Proton VPN users. We have also taken several additional precautions to ensure our servers remain secure even in a high-risk location.

Our security measures for high-risk countries

We have put several technical protections in place to keep our servers secure. 

  • We only use bare metal (physical) servers, which lets us control the server down to the hardware level. Once we procure a physical server, we provision it ourselves from scratch to minimize the risk of using tainted software. We lock the server down to tightly control who has access and extensively monitor the machines to detect any potential tampering.
  • We also implement full-disk, block-level encryption on all our servers. Even though our VPN servers do not store any personally identifiable information, we protect them with full-disk encryption. This encryption makes it even more difficult to tamper with Proton VPN servers, even if the attacker has physical access to the machine.

Learn more about the full-disk encryption of our servers.

  • We have zero staff or physical presence in Hong Kong or China, which makes us less susceptible to pressure from Chinese authorities. And as a Swiss company, any request for assistance from the Hong Kong or Chinese government under Article 43 would have to be deemed legal under Swiss law and approved by a Swiss court, which is unlikely. Moreover, we have and will vigorously defend our users’ rights in any jurisdiction they are challenged.

Find out more about how we secure servers in high-risk countries.

We are committed to defending Hong Kong

We created Proton VPN to help people maintain their privacy, protect their freedom of speech, and access censored information. Proton has an office in Taiwan, so we feel great solidarity with our users in Hong Kong and a duty to uphold our shared values. As part of this commitment, we are leading a campaign to directly support organizations fighting for freedom in Hong Kong. 

Today, we are not just fighting for the future of freedom and democracy in Hong Kong, but for freedom around the world. Now, more than ever, the people of the world must stand together, and today, we stand with Hong Kong.

Andy is a founder of Proton, the company behind Proton VPN and Proton Mail. He is a long time advocate of privacy rights and has spoken at TED, SXSW, and the Asian Investigative Journalism Conference about online privacy issues. Previously, Andy was a research scientist at CERN and has a PhD in Particle Physics from Harvard University. You can watch his TED talk online to learn more about our mission.

31 comments

  1. Anonymous

    Just be be clear, neither Hong Kong nor Taiwan is a country!
    Both belong to China, it was for thousands of years like this and neither Protonmail or the fascist United States of America will change this fact.
    I watching very closely how Protonmail expending its server locations in NATO countries and its allies. Why don’t have Protonmail servers in China, Cuba, Venezuela, Iran, Lebanon, Pakistan, Syria? Let me guess, Islamophobia and Sinophobia.
    Just need to read the statements made by Protonmail and the list of servers. Why Protonmail not supporting those people in Afghanistan who occupied and terrorized by the United States for decades? It is that hard to have servers in Palestine?
    Protonmail is too much aligned to U.S. and NATO’s foreign policies!

  2. Trump

    When you don’t have any personal present in Hong Kong monitoring your servers, how likely you are going to assure customers that the physical servers were not modified at BIOS/firmware level even before provision of OS??

  3. Ben Wolford

    Hi, thanks for the question. We can assure this because we put our own BIOS/firmware on the devices and update them ourselves.

  4. Christine Wong

    Hello Good Day ProtonVPN, Thank you very much for standing with Hong Kong in fighting for the freedom against the evil power. I would like to ask when will the new plan/ program for Hong Kong people/ companies be released? I am very much interested to join the plan and is now waiting for your release. If I join your existing 2 year plan now, could I receive the same content of the new plan or do I need to pay again? Thank you very much!

  5. Ben Wolford

    Thank you, Christine! The program is now underway. If you sign up for a new ProtonVPN two-year plan, 50% of your payment will go toward two organizations supporting freedom in Hong Kong. More details here: https://protonvpn.com/blog/hongkong/

  6. Ben

    Incredible stuff Dr. Yen. Thank you for standing with Hong Kong – your dedication to offering continued privacy and security in the face of oppression is admirable.

  7. Jack Boston

    Well done ProtonVPN! Thanks for continuing support HK at this sensitive and urgent time!

  8. Jeremy Calrk

    Nice I fully support this, and wish Proton best of luck in the future.

  9. Gabe

    Is access to secure core functionality going to be made free of charge for HK IP addresses? You’re acknowledging that secure core will be necessary for the security of these servers. I would really like to know.

  10. Ben Wolford

    Hi Gabe, Hong Kong servers are only available to users with Basic, Plus, and Visionary plans. Users with Free plans can connect to servers in the US, the Netherlands, and Japan. We recommend Basic plan users to connect to servers outside of Hong Kong.

  11. Brian Yerk

    How do you have zero physical presence in Hong Kong but also have physical, bare metal servers there?

  12. Ben Wolford

    Hi Brian, thanks for your question. We cover this in detail in this article: https://protonvpn.com/blog/vpn-servers-high-risk-countries/. In short, we work with trusted partners and implement technical measures, including full-disk encryption. In this way, we use physical servers but do not directly own them, reducing our exposure to jurisdictions that are not friendly to privacy.

  13. Human Rights Activist

    I as a Protonmail customer who pays for years for your service demand to immediately cease and desist all promotion of the agendas of fascist United States of America in Hong Kong. Hong Kong was always part of China and always will be! If you have any concerns regarding my comment your can reach me at humanrightsactivist@pm.me I urge Protonmail to restrain from “regime change” operations on Chinese territory or I as a Swiss resident will sue Protonmail for terrorism in Canton of Geneva!

  14. Ben Wolford

    We have carefully selected organizations which are not political and not advocating for regime change. To be clear, what we are advocating for is increased online freedom in Hong Kong.

  15. Dexter Lui

    Thank you so much for the support! I just started using ProtonMail a year ago and subscribed for the service a while ago. It is happy to know that ProtonMail and ProtonVPN is supportive for the democratic movement going on in Hong Kong!

  16. Kevin

    Unrelated question:
    Is the Proton team still working on implementing the Wireguard protocol for future servers? And will that protocol offer secure core with it?

    Thanks

  17. Ben Wolford

    Hi Kevin! Yes, this is still planned. We are excited to eventually implement Wireguard, and we fully support that project. But we would not be able to share a timeline or further details about this just yet.

  18. Stephan

    I don’t understand. What’s the point in ProtonVPN setting servers in just every country? Why would anyone connect via servers in their own country?
    1st use case: if you live in the USA and want to evade US surveillance, connect to Swiss servers; if you live in HK, connect to servers in Taiwan or SK.
    2nd use case: if you want to stream Netflix, HBO, or CBS All Access, connect to servers in USA.
    Any other use case? I just don’t get it. Who cares about having an egress IP in France, Belgium, or HK? If HK want to suppress VPN like they do in Mainland China, they will remove your local servers regardless.
    Can you explain the service model, or the threat model, that would have people connect to servers in their own country? Latency issues only require to connect via geographical region (like Switzerland is OK for Europe, and so on). Thanks

  19. Ben Wolford

    Hi Stephan, thanks for your question. There are many reasons a person might want to connect to a server in their own country, including, as you mentioned, to access geo-restricted content. In this case, the reason to stay in Hong Kong is that we believe we have a right to offer services there. And as Andy mentioned, “If any measures are enacted to pressure ProtonVPN into compromising the privacy or security of the users of our Hong Kong servers, we intend to challenge those measures in a court or another appropriate venue first.”

  20. Brett Salemink

    I am VERY impressed with ProtonVPN’s desire to make a “Real” protest about human rights abuses!

  21. Tristan Partin

    Andy,
    Your blog definitely makes me feel that my choice for a VPN and Email provider is worth the money. Thanks for fight for the end user.

  22. Doug

    You guys are awesome!

  23. Ron

    This is heart warming!
    I don’t live in HK and i’m really appalled by the lack of media coverage here in Europe.
    Europe already spiritually and politically abandoned HK and recent covid-19 policies showed the EU’s true intentions towards totalitarianism.
    I feel proud and privilged being part of the Proton family.
    Thank you for sticking by the people of HK and to live to fight an other day for freedom!
    I will not forget!

  24. Moe

    Thank you for what you’re doing to protect users and help them exercise their freedom of expression.
    Are you aware that protonvpn.com is blocked in Saudi Arabia, but protonmail.com is not? I’m wondering if you can ease the retriction by emailing users a link they can use to download the software.

  25. Tom

    I personally don’t think that this is helpful. It’s sending a message to Hong Kong users that using HK servers is still a viable and/or safe option,… it is not at all. CCP has been playing this game for longer than ProtonVPN has been around. But sure, let’s say that ProtonVPN really is one of the few companies in HK that can’t be touched by CCP… Then guess who’s going to be having a target on their backs? Your users in Hong Kong that are connecting to your servers. Maybe their data can’t be logged, but the fact that they are connecting to your servers can’t be hidden (unless you’re using secure core, which I think should be required instead of an option). That connection in itself can put people in danger. I really think you should reconsider this. I’m a huge fan of Proton, and a paid user, but this is not a smart move in my opinion.

  26. Ben Wolford

    Hi Tom, this is a legitimate concern, and we considered this. But we decided it was important to make a stand for the right to freedom and online privacy. Living in Hong Kong today requires an understanding of the privacy and security risks of using the Internet, full stop. We’re doing as much as we can to educate our users about these risks, and we take precautions as described above.

  27. T

    Thank you for your thoughtful approach, and thank you for standing with Hong Kong.

  28. IH

    Thanks for ProtonVPN continued commitment to Hong Kong, that being said, I urge ProtonVPN to immediately reconsider if HK implement internet wide firewall, just like the great firewall of china.
    As a current user of your service in HK, I genuinely hope ProtonVPN can maintain its presence in the city for as long as possible, but security had to be first and foremost, and I wouldn’t hope anyone else’s security being compromised as the result of the commitment.

  29. Ben Wolford

    Hello IH, thank you for your comment. We’ve taken this decision very seriously, and we believe it’s important to remain in Hong Kong and stand up for civil liberties in Hong Kong. That said, we are taking precautions and keeping a close eye on the situation.

  30. Brad

    Does ProtonMail have servers in China (other than the ones in Hong Kong)? If not, then why would Proton consider having servers in Hong Kong when the city was handed over to China in 1997.
    That “junk” (ship) has sailed.

  31. Ben Wolford

    We do not have servers in China, and our servers in Hong Kong are controlled by us but not directly owned by us.

Comments are closed.

Secure
your internet

Get Proton VPN
Get Proton VPN

For customer support inquiries, please submit the following form for the fastest response:
Support Form

For all other inquiries:
contact@protonvpn.com


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: OpenPGP.js v4.10.10
Comment: https://openpgpjs.org

xsBNBFiYeeIBCACpwuYcTsACyjQaqY3tOUonokamGZf3VDuLvcA9nQnu4vlB
n1RFFUJa5Pmf2yZ9EjJFSldTl5lreE3tFf53CcZ9wKa1R6aMnN/0VqURJho0
ZTqevQlCvuJ9kKHkDck3Em0/1WWnhDJgabp+fOa5HAHoAvcNy5gVPuexTT/N
wp6QcfB7w+qFhf73s0bcSn5RC+FAYlQxZVFhFtA7/7LthBVatDJrYLYP9XJd
zOZqz9AX0XZwKal25RcVeGHkNKgloo0bTgro4D88MR7saqXFHTRhy3+Wss7c
uqrh0uIkVmqtadoK/rAbqOyFXQ2DlvSMVrEMLUvwlZbC0taqcKDfNA+FABEB
AAHNLWNvbnRhY3RAcHJvdG9udnBuLmNvbSA8Y29udGFjdEBwcm90b252cG4u
Y29tPsLAfwQQAQgAKQUCWJh54wYLCQcIAwIJEN4dfnhhw11TBBUIAgoDFgIB
AhkBAhsDAh4BAAoJEN4dfnhhw11T6PwIAKgIHTUaEcCFQ5WfmwGpdhRgFe7H
gnHR8UOFPrRKnbCOQgTVPGwCFt8UVFhEgbmtroThU89DpxFSYUOD6nZ2k1X3
X4Q9OsItFUUuhPtLJrkz5ghtZLmsAH/edTRbVU1Ew1E8KbylLFI1J5yId7zR
GdnaTXv/E7P3po5X/b08TFAhXSyYYUbMeQuthbJajtpFygr53lm47cOWa4N8
udqLhmpheaQj04DuqYXOGC08JQn+XbHzhFl5Yvlt9Idk8+7c2UJ0qgWKQ5ZV
mquRAw5HDCQM5OqF1MoImDxOH+tK3PUlvFDsLZ1WPEOHK/EN12sPBx0x1R04
fcPTPdbMwgISGM3OwE0EWJh54gEIALqhrLUpvarPc0nkuHpyJC/MsrIDPLuV
qMc49tgjgDBsyIKJFEP9qCnkSOEixaFi+nTljUSpkHGR+PvEGecmcOdW6djN
QGxon/nwBT9d8HbtxJesaEIzwRAxmqQW9MqNq4UsfNQ0VvUYqV9wEbYfdDT/
jZfz9N0hjFELF1sg3UPcCRijhf162bp+rLQdO9vWVUbOdMQvsM/kyUJ6JMXR
xUtyKC05ddxii2SMr4XUW45ostPbxJybOF5oSZpEb1EIlrTLLPAe/498XlBW
hpRAPe+9ZfNs7drMvUEFnnOXahrXAuaaZpyaS/XBaloqSb1+v2AkUep3dbSF
PaRtbXRMS+kAEQEAAcLAaAQYAQgAEwUCWJh54wkQ3h1+eGHDXVMCGwwACgkQ
3h1+eGHDXVMZ4Qf4hu5N8/uYNDqJMFRIWSCpPGxmyIVXGARG4hgR8gwPZY9K
fReAUndX3uODBNIgZU7I3YntawU1DlP6GpP6yyR/8lfUMNCAXPDmd+zTFYIJ
UDHD8sw2GRrFVzFOKUpAapWFOI4XjSMP2UiK4HgrpUjAhe1wSaa7nEjtAuYT
zFx1QSuQD1iYcOF/FAm7EuhBIfWITjYAobGM6gonPbp3IPHM52rUbulllcdV
vCLs+blcyiVCGZlNcmlg3eibAJJL19TQLqT2DbQvQ/SyVBJGjoT+y4TTRtmZ
cebEjt2KJcc4x2lzPq3z2KJNyJTOTMB+aYD9Ma9IObDds+M/+5XDWi7f
=ueTT
-----END PGP PUBLIC KEY BLOCK-----

You can also Tweet to us:
@ProtonVPN