Thank you for the links, I had found a few of these but some are new. The basic idea is there, I’ll see if any of these can work for us. I’m growing more convinced though that hosting a whole app for this super simple use case might not be worth it, I think we might pivot to just hosting a really basic static page for it.
This is old drama at this point. I’ll repeat what’s been said the previous times this was posted.
Proton did what they were legally required to do in the jurisdiction where they operate as a legitimate business. As an encrypted email provider they offer privacy but not necessarily anonymity, and they’re open about that. They even have multiple blogposts about how to use their service more anonymously. If you thought that by using ProtonMail you were getting full anonymity that’s your mistake.
In both the cases mentioned the users made OpSec mistakes: not using a VPN in one and linking their personal Apple email as a recovery email in the other. In the first case Proton wasn’t even logging the user’s IP until the police forced them to.