Orygin

And you can take approximately 3 seconds to click on the kill switch if you so desperately need not to see an AI button somewhere.
Like I can understand (and I agree) the stance on AI in general, but this is just a knee jerk reaction. Your browsing experience is 99.9% unchanged even if there is a button somewhere...

Still, the idea is that Proton has everything they need to access your data (your encrypted bits, your encrypted key, and your password you send them every time you login). You have no guarantee that they don't have something (intentionally or not) that can catch this and extract data about you.
You also (and more importantly) have no guarantee that the Swiss government can't or won't force them to implement such systems, and hand over your data.
They already lied about not storing your IP until a judge ordered Proton to produce it for a French national. They have since redacted their privacy policy to say they may store such data about you if requested. They can do the same to get your key.

No matter how, if they possess the keys, it's ~~not your crypto~~ not secure.

It may not cut it now, but we can't guarantee it will stay the same within a few years (either faster compute, or other techniques that speed up the brute force)

it will not be a correct key, so you will fail during decryption, but it will take a lot of time to check and may not be easy to automate.

If you have any way to check the key validity offline (for example, you subpoena the encrypted data) then it's trivial to check and automate.
Of course not everybody is capable of this, but it's becoming less and less difficult to brute force it, and renting a few hours of GPU time to do it is within the means of small bad actors.

How do they authenticate* you? They just send the encrypted key and if you can decrypt it then it's you?
If so I can request any account encrypted key and try to brute force it offline

If the key is the same password you use to login, then they already have the key. They may not store it unhashed, but you transmit it to them every time you login. If law enforcement forces Proton, or if Proton turns evil (or gets infiltrated by a three letter agency), they can use it from the auth to decrypt your key and your data.
Plus, a bad actor having access to the encrypted key is free to brute force it. It may be hard but not guaranteed to stay hard forever.

Edit: didn't realize I was in a Proton fanboy community where you can't criticize or ponder the service security...

In Belgium, a judge can order you to give your phone password (and I would guess a decryption key too) and not complying with it risks imprisonment and a fine.
So like you say it entirely depends on the local laws. Most of the discussion around Proton here should focus on Swiss laws instead of projecting based on their own local laws

If they (proton) have the keys, doesn't matter if they encrypted your data. They must have the keys because I can log into mail from different clients and read all emails without having to insert my key.

Nobody wanted AI as a feature

This is false, you don't speak for everybody and represent a small vocal minority of users.

So if you never press the AI button, it's never enabled. It is opt-in in the strictest semantic sense.
What you say here applies for things that run automatically, like the anonymous usage reports, which is opt out, not for things you activate yourself.

I don't know the details. But I would guess if it was purely financial she would be less appalled by their relationship?
What I meant is that Epstein did play a part in their divorce, either just a motive or a real moral reason.

Edit: Found a quote:

That October, things had reached a fever pitch when The New York Times published a deeply disturbing article that raised serious questions about Bill’s conduct – questions that suggested he had betrayed not only our marriage but also my values.

I would guess based on that it's not just financial

Didn't Melinda go on public record saying the Epstein files were a part of their divorce?