Proton announced a new video conferencing service called Meet and pitched it as a privacy-focused alternative to mainstream services like Google Meet, Zoom, and Microsoft Teams.
Meet offers end-to-end (E2EE) encrypted calls to protect the privacy of conversations and does not require a paid plan or Proton account to use. It’s free for one-hour meetings for up to 50 participants. For long distance calls, Proton offers a “pro” plan starting at $7.99/month.
Proton says that Meet was created due to the increasing need for privacy-first, other EU-based measures that make it easier to comply with the GDPR, or CCPA (California Consumer Privacy Act), face the difficulties of laws such as the US Cloud Act, and to overcome the challenges brought by the country’s increasingly unstable environment.
Apart from the legal aspect, Proton highlights the widespread practice of using human conversations to train AI models, which creates the risk of revealing private data from large-scale linguistic models (LLMs).
Source: Proton
“Proton Meet gives you back your privacy and peace of mind by protecting your calls with end-to-end encryption, so no one can listen or use your conversations to sell ads, monitor, or train AI,” Proton said.
Meet works as easily as creating a conference call link and sharing it with other participants.
The new service is fully integrated with the Proton Calendar and also supports adding scheduled meetings to Google and Microsoft calendars.
Strong privacy and security
Proton Meet calls are secured with Messaging Layer Security (MLS), an independently reviewed open source encryption protocol designed for real-time group messaging.
Proton published a separate post to provide more details about the MLS, highlighting that all media and chat is encrypted on the client side, leaving the company unable to access or process any clear text data.
The Proton Meet architecture is built on WebRTC with selectable relay units (SFU) to transmit media and chat to all participants.
Each meeting link contains an ID and password that is stored locally on the client side, and authenticates participants with the Secure Remote Password (SRP) protocol, which has been used in other Proton services for ten years.
For MLS, the system creates a cryptographic group that shares an epoch key used for encryption, which is rotated at every join/leave event.
New members can’t read past messages (forwarding secret), old members can’t read future messages, and everyone is fully visible to call participants, but their names are always encrypted around the edges.
Email and IP address information is kept confidential between participants, and Proton does not keep records of who has met whom.
The company says that even if the server is compromised, the traffic cannot be read or modified, and that the databases only contain session IDs, which do not reveal anything sensitive to hackers.
The only real risk is the meeting link being compromised, which can be mitigated by locking entries once all expected participants have joined, removing rogue participants, or rotating the link.
Automatic logging proves that the path exists. BAS proves that your controls are stopping you. Many teams run without each other.
This white paper outlines six areas of validation, indicates where coverage ends, and provides clinicians with three diagnostic questions for any screening tool.
