I think you’re asking if it’s possible for your government to be a man-in-the-middle? Depending on which government you live under, the answer is likely no but more importantly the answer will always be; it’s not worth their effort to find out what you’re watching.
YouTube’s public key is signed by a certificate authority whose public key (root) is likely installed on your device from the factory. When you connect to YouTube, they send you a certificate chain which your browser will verify against that known root. In effect, it’s information both you and YouTube already share and can’t be tampered with over the wire.
Technically, those signatures can be forged by a well resourced adversary (i.e. a government) with access to the certificate authority through subversion, coercion, etc. At the same time, it’s probably easier to subvert or coerce you or YouTube to reveal what you watch.
Just wanted to add a bit about Proton since you mentioned it and I use it quite heavily.
Pros:
- All-in-one platform for storage, mail, VPN, password manager and calendar. Usually works out cheaper than multiple providers.
- E-mail aliases built-in to the password manager makes it a breeze to manage. (Tutanota also supports aliases.)
- Personally, I think the UI is more polished. Not important for privacy but it’s a plus for the non tech-savvy.
Cons:
- All-in-one platform. I’m acutely aware that I’m going to have a headache if Proton is enshittified.
- If you’re not looking for all of the products they offer, it’s just expensive. Tutanota is cheaper for e-mail alone.
- The Drive app needs improvement. Migrating my files was painful and I want automatic Camera uploads. You might be okay with the Windows desktop app.
- The Calendar app has issues when not connected to the internet.
- The password manager doesn’t have a desktop application and managing it through the browser extension or app isn’t great.
- No subject-line encryption support (and other PGP interoperability issues on the free version) but… unfortunately, I don’t get many PGP encrypted e-mails anyway.
Otherwise these two are largely like-for-like for e-mail. There’s no benefit to Proton being hosted in Switzerland and I didn’t move to be warrant-proof or anything silly. The idea is really just moving emails away from an advertising company and paying for a quality service.
I’ve used it for the exact same purpose, great minds think alike. It’s perfect for that scenario given there’s no internet.
I just don’t use it much otherwise because apps like Signal are far easier to move my friends and family on to and they’re more than good enough. The metadata privacy Tor would provide would give me a lot of peace of mind but I know it’ll never happen.