Virtual Private Networks, or VPNs, are popular services for (supposedly) increasing your security and privacy on the internet. They are often marketed as all-encompassing security tools, and something that you absolutely need to keep hackers at bay. However, many of the selling points for VPNs are exaggerated or just outright
Just use any old proxy either paid for in cash in the mail, or in a country that absolutely won’t cooperate with yours legally when you need it.
Your VPN will absolutely fold under the slightest legal pressure.
Some of them don’t even log the data required to cooperate with requests. Mullvad is one.
IVPN is another
how do they prove that they both don’t and can’t?
Audit.
https://www.consumerreports.org/electronics-computers/vpn-services/mullvad-ivpn-mozilla-vpn-top-consumer-reports-vpn-testing-a9588707317/
https://mullvad.net/en/blog/2023/8/9/infrastructure-audit-completed-by-radically-open-security https://www.techradar.com/news/mullvad-vpns-servers-have-undergone-an-independent-audit-and-the-results-are-in
https://mullvad.net/en/blog/2022/6/22/vpn-server-audit-found-no-information-leakage-or-logging-of-customer-data
Better than most but I couldn’t find mention of anything that prevents them from complying with secret requests to begin data monitoring.
Potentially where they’re based that’s unconstitutional or something but I didn’t see evidence of such.