Proton doesn't provide public APIs for retrieving the public GPG keys associated with their users' accounts, nor do they provide a way to send encrypted mail to their users' accounts without using their official apps.
Ergo, Proton is not really working to further the state of cryptography for email, they're only working to compel users to use their proprietary software (and ultimately their paid services).
If services which do automated sending of emails to their subscribers/users have no way to encrypt those emails for its users who are on proton mail, I don't understand how Proton can claim to care about encryption.
Proton still appears to suffer from Lavabit's pathologies in several ways because it ultimately stores GPG private keys, hasn't had their "zero-access encryption" audited by an independent third-party, it hosts servers in privacy-hostile jurisdictions that can be seized, and they've already handed user data to authorities over 30k times. [0] Proton Mail is a simulacra of privacy as a service that lies to its customers.
At present time, the best way to assure privacy is to lease (using cryptocurrency) VPS instances in a neutral, privacy-respecting country and self-host a web-mail stack oneself. There isn't really a practical way around this because powerful nation states are able to demand access to customer data from almost every cloud/VPS provider in their jurisdiction.
If you're at the point where your hosting your own mail, you may as well GPG encrypt your own messages (with your locally stored private key), which makes the jurisdiction irrelevant
Of course, this still assumes your correspondents will be capable of doing the same.
Ideally, you'd be able to provide the service your key directly (you can do it in Sourcehut for example, IIRC), and they use that key without relying on a third-party server. Maybe using something like WebFinger could be a solution too, for automatic key discovery from a "trusted" party (the recipient's email server).
> ...nor do they provide a way to send encrypted mail to their users' accounts without using their official apps.
I'm confused by this complaint. Sending encrypted mail is the job of the sender. You can PGP encrypt your mail and send it to a Proton user just like any other recipient. I've done this at work when I need to send myself paystubs.
I have used this to send signed/encrypted mail to a ProtonMail recipient. It worked, until he responded inline without encrypting it to my private key, thereby completely defeating the point.
(Later I informed him of how to automatically sign and encrypt outgoing mails to my account, as that is possible too, but not obvious at all.)
PM should make the more obvious, but in principle the interoperability is there and works.
Proton doesn't provide public APIs for retrieving the public GPG keys associated with their users' accounts, nor do they provide a way to send encrypted mail to their users' accounts without using their official apps.
Ergo, Proton is not really working to further the state of cryptography for email, they're only working to compel users to use their proprietary software (and ultimately their paid services).
If services which do automated sending of emails to their subscribers/users have no way to encrypt those emails for its users who are on proton mail, I don't understand how Proton can claim to care about encryption.