[actionfromafar]

Mullvad complies, but they go out of their way to keep very little information. If you don't have the information in the first place, you can't surrender it.

[sigmoid10]

Beware that despite all marketing statements, VPN providers can easily be forced to store logs using court orders, even if they don't do it by default.

[actionfromafar]

That still has value, it's much harder to do drag-net style surveillance if you need court orders to collect new information and can't scoop up old information.

[alexey-salmin]

> VPN providers can easily be forced to store logs using court orders

It's not grave if the provider is allowed to notify the user that logs are being collected from now on.

Is there a country where gag orders are unconstitutional or something of that sort?

[carbotaniuman]

You can always shut down rather than do so - it's happened in the US.

[sigmoid10]

This also happened with providers in Europe. So you can safely assume that any VPN provider who is still doing business in Europe is compromised in some way or another by the government.

[yaris]

"Compromised" is a wrong word to use, unless you consider any obedience to the law "compromise". VPN providers who are still doing business in EU (not Europe) do obey court orders - that would be more correct wording. Any non-compliance is a one-time occurence: either you decide to cease operations or you are forced to cease operations by LEA, as in vpnlab.net example.

[sigmoid10]

If you actually look at the vpnlab example, you'll find that the government got access to all their data, not just for specific cases. So you can assume that all remaining providers have yielded the same level of access.