On 16 March 2026, Proton launched Born Private: an initiative that allows parents to reserve an encrypted email address for their children, keeping it inactive and sealed for up to 15 years. When the time comes, the parent hands the child a secure voucher and the account becomes operational — with no prior data, no logs, no profiling.
The cost is symbolic: a minimum $1 donation, entirely directed to the Proton Foundation, the non-profit organisation that serves as Proton’s primary shareholder.
Why It Matters
An email address is not a technical detail. It is the root credential of digital identity: the entry point to school platforms, social media accounts, gaming services, messaging apps. According to research commissioned by Proton (conducted by Toluna on 1,216 U.S. parents), 71% of children have their own device by age 10, and 74% of children’s email accounts are hosted on Gmail. When a child creates an account on a mainstream service, the processing of their personal data — metadata, usage patterns, interests, location — begins immediately, often before the child has the capacity to understand what that means.
The GDPR pays specific attention to children. Recital 38 states that children merit specific protection of their personal data, as they may be less aware of the risks and consequences of processing. Art. 8 sets conditions for children’s consent in relation to information society services. Art. 25 mandates the principle of privacy by design and by default: protective measures must be embedded into the system from the design stage, not added retroactively.
The Underlying Question
Born Private raises a question that goes beyond the individual product: who decides how a child’s digital life begins?
In the current landscape, the answer is: the platforms. Creating an account on a mainstream service automatically initiates a chain of processing — tracking pixels, metadata, hardware identifiers, behavioural profiling — that contributes to building what is known as a shadow profile: a digital profile of the child that accumulates over time and follows them into adulthood.
Proton’s initiative reverses this logic. The email address is reserved, encrypted with zero-access architecture, and kept completely inactive until the moment chosen by the parent. The principle is consistent with data minimisation (Art. 5(1)(c) GDPR): no data is processed until it is necessary.
The European Context
This topic sits within the broader European debate on child online protection. The European Commission’s guidelines on the protection of minors under the Digital Services Act (DSA), the age verification blueprint using zero-knowledge proof technology, and the ongoing pilot programmes in five European countries (including Italy) for integration with the EUDI Wallet all converge towards the same objective: giving children a digital start that respects their fundamental rights.
Our recent contribution AI in Schools: 10 Categories of AI Tools and How They Are Classified Under the AI Act analyses a complementary aspect of the same problem: which AI tools used in schools process children’s data and under what obligations.
My Position
This is not about promoting a product. It is about recognising that protecting a child’s digital identity is a legal act, not a technical detail. And that today, for the first time, there is a concrete option to begin a child’s digital life without it being immediately monetised.
The question for every parent — and every educational institution — is simple: with what digital credential do you want your child to enter the online world?
Sources
- Proton, Born Private — Announcement: Proton Blog
- Proton, Born Private — Reservation page: Proton
- Proton / Toluna, Research on children and digital privacy, March 2026: GlobeNewsWire
- Regulation (EU) 2016/679 (GDPR) — Art. 5, Art. 8, Art. 25, Recital 38: EUR-Lex
- European Commission, European Digital Identity: European Commission