Proton Mail Payment Metadata: Activism Should Not Mean Violence
As an IT student and a humane-tech activist, I spend a lot of my time looking at the architecture of systems. Whether I am configuring .conf files for a reverse proxy on my Debian setups, managing my YunoHost and Docker hybrid ecosystem at obulou.org, or simply observing how global events unfold online, the underlying patterns are always the same. Systems are only as strong as their weakest links, and human behaviour is almost always that link.
Recently, the news surrounding the “Stop Cop City” protests in Atlanta, Georgia, USA, caught my attention. It is a striking case study of systemic failures, both in how the state handles dissent and in how activists manage their own operations. As someone who believes in digital rights and public awareness, I find myself deeply critical of the methods used by some of these protesters. My activism is rooted in the belief that I am just one node among many in a larger system, working to lift people up and build better structures. The violence, arson, and scare tactics seen in Atlanta are dehumanising. They do not build a better world; they merely invite the crushing weight of the state to tear everything down.
The Integrity of Activism
There is a fundamental difference between humane-tech activism and the destructive approach witnessed in the Stop Cop City movement. When activism shifts from policy advocacy and public education to burning construction equipment and doxing individuals, it crosses a line that damages the integrity of the cause itself.
In my discussions with my AI assistant regarding the authorities' response to these protests, the AI provided a clear breakdown of the state's logic:
“When a movement is decentralised, authorities often struggle to hold anyone accountable for property damage. By targeting the 'key persons'—such as those managing the Proton Mail accounts or the websites—the FBI is trying to prove that these acts aren't just random, but are part of a coordinated criminal enterprise. The facility is a $109 million project. The state argues that it has a duty to protect workers and the public... Finding the leaders is a way to 'decapitate' the movement’s ability to organise these more extreme actions.”
This perspective highlights the inevitable consequence of violent protests: severe legal retaliation. The use of RICO (Racketeer Influenced and Corrupt Organizations Act) charges against 61 activists is a massive escalation. It treats a political movement like an organised crime syndicate. While civil rights advocates argue this dehumanises the right to dissent, the protesters themselves laid the groundwork for this escalation by using fear and destruction.
We must tailor our approach to activism to protect the safety and wellbeing of activists. This means mitigating legal threats by maintaining a clear, legal, and ethical line. If an activist is facing decades in prison due to terrorism or racketeering charges over a burnt bulldozer, their ability to contribute to human knowledge and systemic justice ends there. Integrity is not just a moral stance; it is a survival strategy.
The Proton Mail Trapdoor and Operational Security
The most fascinating—and frustrating—aspect of the Stop Cop City arrests from a technical standpoint was the operational security (opsec) failure that led to the unmasking of a key activist. It was a failure that perfectly illustrates the illusion of decentralisation when tethered to legacy systems.
The activist in question used Proton Mail, a service renowned for its end-to-end encryption. The encryption worked flawlessly. The FBI could not read the contents of the emails, defendtheatlantaforest@protonmail.com. However, the activist made a fatal error: they paid for their premium Proton account using a personal credit card.
As my AI assistant explained during our analysis of the case:
“The FBI used a Mutual Legal Assistance Treaty (MLAT) to ask Swiss authorities for information... Because Proton uses end-to-end encryption, they cannot see or share the messages themselves. However, they were forced by a Swiss court order to provide a payment identifier. The activist had paid for their Proton account using a credit card. This payment identifier allowed the FBI to trace the account back to the individual's real identity through the bank.”
This is the trapdoor. You can wrap your communications in the most sophisticated cryptographic protocols in the world, but if your billing metadata is handled by Visa or Mastercard, you are operating within a centralised, highly surveyed environment. The activist tried to use a decentralised, private tool while staying tethered to a centralised financial system.
The Fiat Chokepoint: Crypto is Not an Escape
This brings me to a critical observation about modern digital finance, particularly the misconception that cryptocurrency offers a true escape from government oversight. In my view, the current implementation of crypto and decentralised finances does not represent a clean break from the old system; it simply sits on top of it.
Here in Malaysia, this reality is inescapable. To participate in the crypto market legally, we must go through Digital Asset Exchanges (DAX) certified by the Securities Commission. Platforms like Luno or MX Global require extensive Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance. Before I can even buy a fraction of a digital asset, I have to provide my name, my identity card, my wallet origins, and declare my domestic borrowing status.
The fiat money I use to buy the crypto comes from the central bank. The exchange is the chokepoint. If the authorities want to trace a transaction, they do not need to break the blockchain's cryptography; they simply subpoena the exchange for the bank transfer records.
My AI assistant validated this technical contradiction:
“Because most people don't get paid their salary in Bitcoin, they must 'exit' the fiat system to enter the crypto one. This 'exit' is recorded by the central bank... While crypto fans talk about decentralisation, the public ledger of a blockchain actually makes it easier for authorities to track movements once they have that first identity link from the exchange.”
Crypto, in its current mainstream form, is fiat-dependent. To buy crypto means to use fiat. It is a house built on a centralised foundation. Therefore, relying on it to bypass or hide from state authorities—especially whilst engaging in high-risk activism—is a profound misunderstanding of how structural power works. Authorities like the FBI or local law enforcement are mandated to protect the public and the integrity of the financial system. When activists use traceable fiat networks to fund illegal acts, they are essentially handing the state the exact tools needed to dismantle them.
Building Resilience, Not Destruction
Activism should not be about tearing things down; it should be about lifting people up. AIs, technology, and digital tools should help people become more of themselves, fostering human advancement rather than generating anxiety through scare-based tactics.
Instead of fighting unwinnable wars against centralised financial giants or engaging in physical destruction, my focus remains on building resilient, self-sovereign digital spaces. I take ownership of my data. I am simply building a parallel structure that respects human dignity and privacy.
Conclusion
The “Stop Cop City” movement and the subsequent Proton Mail data incident serve as a harsh lesson for anyone involved in digital or physical advocacy. Privacy is not a shield for violence, and technology cannot protect you from the inherent traceability of the fiat financial system.
We must approach activism with a grounded perspective, acknowledging systemic injustices and structural failures without resorting to the very dehumanising tactics we claim to oppose. I am just one node among many, navigating these complex networks. By focusing on public awareness, maintaining our integrity, and using technology to empower rather than destroy, we can advocate for systemic change that actually protects the wellbeing of those involved.