Many major VPN providers claim to keep no logs, and some have had third party audits supporting that claim. Subpeonas don't do anything if the company doesn't keep logs.
I also wouldn’t trust VPN provider standing up to the pressure of really angry Western government. If Mullivad gets US FISA warrant followed by threat to destroy their ability gain access to US payments, they are going to flip logging for you on so fast.
I'm not necessarily sure they would, they've built their company based on no logs and privacy and seem fairly ideological, if this occurred their business would likely be permanently crippled. Most of their users use them because of their strong guarantees.
Turning on Logs for single user vs taking what could be crippling business hit? Maybe their CEO is ethical but that would be behavior I haven't seen from CEO ever.
Third party auditors aren't going to be allowed into Room 641A.
Courts can order providers to keep logs on certain users. Wiretapping laws also allow for it. And all of that goes out the window if the government decides there's a threat to national security.