In the tech world, there’s a new arms race. It’s not about who has the fastest chip or the thinnest phone. It’s about who you trust with your company’s most sensitive secrets. On one side, you have the titans—Google, Microsoft, OpenAI—whose AI tools are brilliant but hungry, constantly learning from the data you feed them.

On the other side, you have Proton.

The Swiss company, already famous for its privacy-first email and VPN services, just made a bold move. It announced that its AI assistant, Lumo, is now available for businesses. The pitch is incredibly simple and incredibly potent: what if you could use all the power of a modern AI, but without the crippling fear of data leaks, privacy violations, or your internal memos being used to train a future model?

“Lumo is the only AI that gives you all the advantages and without the privacy risks,” writes Proton’s Eamonn Maguire in the company’s announcement. “Millions of individuals are already using our AI assistant… Now we’re bringing that same power to organizations with Lumo for Business.”

The privacy-first promise

For any business owner, manager, or even a mildly paranoid employee, the rise of AI has been a double-edged sword. Sure, you can ask ChatGPT to draft a marketing plan or have Gemini summarize a 50-page report. But in doing so, are you just handing over your company’s intellectual property to a third-party server in a data center you can’t even point to on a map?

This is the exact fear Proton is tapping into. It claims Lumo for Business is built on a foundation of “no” and “can’t.”

• Proton says it never uses your data to train its AI models. This is the big one. Your financial reports, legal drafts, and secret product roadmaps remain yours.
• It doesn’t log your chat sessions.
• It can’t share your data with others.
• It provides compliance with zero-access encryption. This is classic Proton. The idea is that your chat histories are encrypted in a way that not even Proton itself can read them. Only you, the user, hold the key.

This entire privacy shield is legally reinforced by the fact that Proton is hosted in Europe, specifically Switzerland, putting it under the protection of some of the world’s strongest data privacy laws, like the GDPR.

And for the tech-savvy, Proton is leaning heavily on its “open” credentials. The company states that Lumo is built using open-source AI models and that anyone can view the source code for its apps. In theory, this transparency allows the community to verify that Proton is actually doing what it says it’s doing.

So, what can it actually do?

A privacy-focused AI is useless if it’s a brick. Proton seems to know this. The key feature for businesses is its integration with Proton Drive, the company’s secure cloud storage.

This means you can “ground” the AI in your own data. You can upload a collection of legal documents, sales reports, or project files and then ask Lumo questions about that data. For example: “Summarize the key risks outlined in all the Q3 contracts I just uploaded” or “Draft an email to the marketing team based on the ‘Project Phoenix’ brief.”

This is the kind of high-utility, context-aware work that businesses are craving, all supposedly done within Proton’s encrypted walls.

The price of privacy

Naturally, this level of security isn’t free. Proton is positioning Lumo as a premium, professional tool.

• Lumo for Business: The standalone AI plan is normally $14.99 per user, per month (when billed annually). To get companies in the door, Proton is running an introductory sale, knocking that down to $11.99.
• Proton Business Suite: For companies that want to go all-in on the ecosystem, this bundle adds Lumo to the existing suite of Proton Mail, Drive (with 1TB of storage), and Calendar. This plan runs for $27.98 per user/month, currently on sale for $22.98.

This pricing puts it in direct competition with premium tiers from OpenAI (ChatGPT Plus) and Google (Gemini Advanced), making it clear that Proton is targeting serious professionals and businesses, not just casual hobbyists.

The “but…”

This all sounds like a perfect solution, but the story doesn’t end there. In the world of cryptography and open-source, claims of “privacy” are scrutinized with a fine-toothed comb.

Critics and security researchers have pointed out a few key nuances. The “zero-access encryption” applies to your saved chat history, but for the AI to actually process your request, your prompt (and any data you upload) must be decrypted on Proton’s servers at the moment of processing. It has to be; otherwise, the AI model couldn’t “read” it to give you an answer.

The real trust-based question is: What happens in that tiny window of time? Proton’s entire reputation rests on its promise that your data is handled, processed, and then instantly and permanently deleted, with no logs kept.

Furthermore, the “open source” claim has been picked apart. While Proton’s apps (the user interface on your phone or web browser) are open source, and the models it uses are based on open-source projects, Proton’s own proprietary “secret sauce”—the code that connects everything and runs on its servers—is not.

This isn’t necessarily deceptive; it’s just the reality of running a complex, commercial service. But it does mean that “open source” doesn’t mean you can see 100% of what’s happening.

A choice of trust

The launch of Lumo for Business isn’t just about a new product. It’s a statement.

Proton is betting that for many organizations—law firms, healthcare providers, journalists, and tech startups—the “good enough” privacy of its competitors isn’t good enough. It’s betting that businesses are willing to pay a premium for a service that’s legally and structurally disincentivized from looking at their data.

While its competitors are in a race for AGI (Artificial General Intelligence), Proton is in a race for something much simpler: trust. And in 2025, that might be the more valuable commodity.