So I kind of want to get out of the Gmail ecosystem, and have been eyeing Proton as a good replacement, but I can't help but to think that nearly all of Proton's selling points and marketing points are all smoke and mirrors.

And I don't know, maybe I'm looking at this entirely the wrong way, I am just really struggling to see the appeal of Proton.

First, I'll start with my "threat model".

In general I want to be more anonymous online and slip under the radar better.

I'm not planning on doing anything clandestine, but with the direction the US is going, I'd rather not be an easy target if I want to be active in activism spaces if you catch my drift.

And I'm also interested in staying off of databrokers radars, or obfuscate myself to prevent coherent tracking.

With that being said, it seems that even with a proton email if someone wanted to find my identity they could, data brokers or governments alike, even if I pay for my subscription with cash.

And not that I'm really worried about that, but to me that negates like the entirety of Proton's marketing gimmick.

And I'm failing to see what functional benefit Proton has when it comes to privacy outside of just being "aesthetically private".

Here are some of my concerns, please feel free to correct me if I'm completely offbase with any of the logic below, but this is just my initial thoughts, and I'd love to hear some feedback and/or be corrected or provided more context.

1. Why does the encryption of the message body matter if the envelope and address are is still exposed? If a government or data broker can get the sender/receiver info, timestamps, and my IP, they have a map of my life. Isn't the "private content" just a distraction from the real leak? Like other than not having my emails used to train AI or data being sold to data brokers, I can't find a functional improvement or benefit to my daily life to use Proton outside of thinking "Yeah, fuck The Man" every time I log in. Like I am more worried about governments and data brokers knowing who I'm sending/receiving things from than I am about the content of those messages being exposed since I'm not going to be monologuing evil plans over email, and I really don't care if the databroker tracking me knows that I bought a case of liquid death root beer 4 times in one month since they get that information from Amazon or whatever website anyways.

2. Everyone talks about "Swiss protection," but isn't that just a speed bump? If the U.S. government goes to Switzerland with an MLAT request, Proton has to comply. And even if I've payed with cash, they can still be compelled to log the IP logins and hand over the alias emails and primary mailbox used by that account and the metadata. So if I sign up for something using an alias, they can take that alias and file an MLAT request with Switzerland to get my main email, the metadata for my entire inbox(just not the body content) and the other aliases tied to that account, and then do a search for any services using those emails to find my identity. They could technically use an alias email I've made, send an information request to Switzerland/Proton, get back a list of aliases and email metadata, find that I used an alias to sign up to a pizza delivery service, then subpoena that pizza delivery service for my name, phone number, and address, at that point what's the point? Is the point just to make it harder for them? I'm not planning on doing anything that could get them to want to subpoena my emails ANYWAYS, but what's the point of making it harder for them outside of again, just thinking to myself "haha fuck you" every time I send an email?

3. Even if I use an alias, if the site I use the alias on gets tied to my online data/identity, then my privacy is broken, right? Like lets say I want to sign up for a new site called godotshaders.com, I use a proton alias to sign up. This site then collects that data, my IP, my cookie data, browser user agent string data, and that I'm logged into some account with my other non-proton email, etc, that gets tied to my browsing data they're collecting, and suddenly they've linked that alias email to my advertising profile and other browsing. Rinse & repeat. Now all the aliases are tied to me. I don't see how these emails help with online advertising tracking.

4. I have tons of accounts I use, my bitwarden login count sits at around 850 logins, but I probably only regularly use a small fraction of those. But if I end up changing my email on a lot of those accounts to the proton email, even a proton alias, all that does for data brokers is potentially tie every one of those new alias emails to me. And at that point there is no difference in my data broker information just that I have 850 different alias emails. But my data is still tied to those accounts. So AGAIN, what's the point of this? Do I need to sign up for everything from scratch in order to maybe have privacy?

I forgot my driver's license today but had my phone with me. I remembered seeing stories that google and apple both allow these (for some states) in the digital wallet.

Before doing this, I thought I would ask people here to weigh in on whether it is a good idea. Is it considered secure? Is it going to cause me more privacy issues than a physical card in my wallet?

This is also related to recent discussions about online age verification.

This is a related Tildes post from last year: Google Wallet adds age verification and more government ID support

as a grapheneOS user, I obviously care about my privacy, hence why the iPhone will not be my main driver, the grapheneOS device will continue to be.

but I might be getting a free iPhone soon and I have an idea of what I would use it for (Podcasts as Apple Podcast is the best cross-platform podcast app I have come across) but am not sure what else I would be comfortable using it for as I don't know what actions are safe without having Apple gather that much data or telemetry on me.

I know that I won't be using iCloud on it. I have no need for Apple's data storage. Nor do I see myself ever using the App Store, except for installing a VPN app. I might install Signal on it but not anytime soon (not least of which cause Signal does not yet support multiple smartphone usages for the same device). I definitely won't use iMessage as I don't believe in using a messaging service that is limited to a specific ecosystem.

I will note that I wont install a SIM on it. It will be using Wi-Fi for the foreseeable future.

Given these things, i am not sure if there is anything i should be on the look-out for in terms of privacy concerns with the usages I have outlined above

Edit:

Based on the answers to my post, I am getting the sense I didn't explain my current situation, which fair enough.

I have audio and video podcasts I consume, for my audio podcasts that I tend to listen to while commuting and exercising, AntennaPod proved a God send for this, to the extent that I wanted to support the app financially until I saw that they said their costs are already covered and it made me appreciate them even more for their honesty.

However, I have a free iPad I got by accident (not worth going into here) and I prefer to consume my video podcasts on a bigger screen than my google pixel. I don't trust Google with tablet development after a bad experience with another tablet I had from them so that was out. so I decided to just use the free iPad and was delighted to find their Podcasts app also supports videos.

However, I wanted 1 service that I can use on a phone and tablet. AntennaPod does not have any iPad apps. I saw this page and the 2 alternatives seemed to be Pocket Casts and Podverse. I tried Podverse but the iPad app would not even launch for me, it crashed every time so I said goodbye to that.

reading into pocket casts, it seems they do collect some data and they do have the option opt-out of that but that could very well change, which means I'd be in a situation where I could be paying for a product while also having my data collected and I disagree with that business model.

So, Apple Podcasts is probably collecting some data on me but I figured all it knows is what podcasts I listen to, which isn't terribly useful (I hope) considering I have subscribed to podcasts from a feed I generate myself.

And I happened to already have an old iPhone lying around at home so I decided to switch to using that for my audio Podcasts and use my iPad for video podcasts and its sometimes glitchy since I would call the Apple Podcasts synchronization experience (between devices) half-baked at most but I can make it work for my use case. So I am already using a separate iPhone just for podcasts and I might be in the position where I get a new iPhone which would replace the current iPhone but not sure what new threats to be aware of privacy-wise. I would be upgrading from an iPhone SE first gen to whatever new version I am getting.