Password manager jurisdiction — Switzerland, Panama, US, and what it means
Jurisdiction is the legal territory where a company is incorporated. It determines which government's laws apply to data requests, court orders, and compelled disclosure. For a password manager, jurisdiction matters in a specific and limited way: it determines how hard it is for a government to compel the company to produce your data. Zero-knowledge architecture means the company cannot produce your credential content in readable form regardless of jurisdiction, because it holds only encrypted vault data. URL metadata, account information, and server logs are a separate matter: they may be producible, depending on what the company retains.
The jurisdiction question is most relevant for users with elevated threat models — journalists, activists, people in regulated professions, or anyone whose metadata is as sensitive as their passwords. For most users, zero-knowledge architecture provides adequate protection regardless of where the company is incorporated.
Quick answer
- You want the strongest privacy jurisdiction: Proton Pass — Switzerland, outside EU/US/14-Eyes, Swiss Federal Data Protection Act (nFADP)
- You want jurisdiction outside intelligence-sharing alliances at the best price: NordPass — Panama incorporation, no mandatory data retention laws, outside all major alliances
- You want to remove jurisdiction entirely: Bitwarden self-hosted — your server, your jurisdiction, no company involved
When it matters
- Proton Pass — Switzerland. Not EU, not US, not in any intelligence-sharing alliance (Five Eyes, 9-Eyes, 14-Eyes). Swiss Federal Data Protection Act provides strong legal protections. Proton complied with a 2021 court order to log a user's IP — jurisdiction limits exposure; it does not provide absolute protection
- NordPass — Panama. No mandatory data retention laws. Outside all major intelligence-sharing alliances. Nord Security is a Panama-registered company operating globally
- Bitwarden — United States (Florida). Five Eyes jurisdiction. CLOUD Act and FISA requests apply. EU data region (bitwarden.eu) provides GDPR-resident data storage but does not change US company status
- LastPass — United States (Massachusetts, via GoTo Technologies). Five Eyes. CLOUD Act and FISA apply. URL metadata was stored unencrypted — more producible under legal process than encrypted vault data
- Dashlane — United States (Delaware). Originally French; relocated to US. Five Eyes. CLOUD Act applies
- Keeper — United States (Illinois). Five Eyes. FedRAMP authorization demonstrates government cloud compliance — relevant for US government use, not necessarily favourable for privacy-from-government use cases
When it fails
- Zero-knowledge means the company cannot produce encrypted vault contents regardless of jurisdiction — the legal request produces useless encrypted data
- Metadata is different — URL lists, access logs, IP addresses, and account information may be retained and may be producible under legal process in any jurisdiction
- Swiss and Panama jurisdictions slow the legal process — they don't eliminate it. Both Proton and NordPass have complied with legitimate legal requests under their respective frameworks
- Self-hosting removes the company from the equation — but introduces operational security requirements that may create their own risks
How providers fit
Proton Pass fits users for whom Swiss jurisdiction is the priority. Switzerland's nFADP, its non-alliance status, and Proton's transparency reports make this the strongest available jurisdiction in this comparison. The metadata encryption adds a second layer that makes jurisdiction less relevant — if URLs are also encrypted, there is less metadata to produce.
NordPass fits users who want non-Five-Eyes incorporation at the best price. Panama's absence of data retention laws and non-alliance status provides meaningful protection. The metadata is not encrypted, which means URL data could be produced under a successful legal request.
Bitwarden self-hosted removes the jurisdiction question entirely. Your server infrastructure determines the applicable legal framework.
Bottom line
Proton Pass for the strongest jurisdiction combined with metadata encryption. NordPass for non-Five-Eyes jurisdiction at the best price. Bitwarden self-hosted to remove the company from the jurisdiction equation entirely. For most users, zero-knowledge architecture matters more than jurisdiction — but for elevated threat models, the combination of jurisdiction and metadata encryption provides the strongest posture.
© 2026 Softplorer