Proton, the company behind privacy-focused services like Proton Mail and Proton VPN, has launched Lumo, an AI assistant designed with end-to-end encryption and a strict no-logs policy. Unlike mainstream AI tools, Lumo does not store user prompts or conversations, positioning itself as a solution for those concerned about data privacy in AI interactions1. The tool is now available on iOS and Android, with a free tier offering limited queries and a paid plan for unlimited access2.
Key Security Features
Lumo distinguishes itself with several privacy-centric features. All chats are protected by zero-access encryption, meaning only the user can decrypt saved conversations. Proton cannot access or log chat histories, ensuring compliance with GDPR requirements3. The AI runs on open-source models like Mistral and OLMO 2, hosted on European servers to avoid jurisdiction-related data risks. A unique Ghost Mode allows temporary chats that disappear after closing, while Proton Drive integration enables secure analysis of encrypted files without storing them1.
Technical Implementation
Lumo’s architecture avoids reliance on third-party APIs, reducing exposure to supply-chain vulnerabilities. Web searches are disabled by default to prevent accidental data leakage, and TLS encryption secures data in transit2. The service offers anonymous usage (25 queries/week) or authenticated free accounts (100 queries/week). Paid users ($9.99/month) gain unlimited chats, file uploads, and extended history—all encrypted and deletable at any time3.
Relevance to Security Professionals
For security teams, Lumo provides a safer alternative for tasks like document summarization or code generation, where sensitive data might otherwise be exposed to third-party AI training datasets. Its open-source model stack allows for independent audits, addressing concerns about opaque AI systems1. Proton’s comparison table highlights Lumo’s advantages over Gemini, Copilot, and OpenAI in data protection, making it a viable option for handling confidential information3.
Conclusion
Lumo represents a significant step toward privacy-respecting AI, though its effectiveness in complex enterprise workflows remains to be tested. Security teams should evaluate its trade-offs between functionality and isolation, particularly for high-risk environments. Proton’s commitment to transparency and encryption sets a benchmark for ethical AI development.
References
- “Lumo: Proton’s Privacy-First AI Assistant”. Proton Official Page. Accessed: 2025-07-23.
- “Proton launches privacy-focused AI chatbot”. The Verge. Accessed: 2025-07-23.
- “Introducing Lumo: AI with Privacy by Default”. Proton Blog. Accessed: 2025-07-23.
