No Logs
Help/Question
Also posted in r/protonvpn
Always been curious:
If the hardware is physically located in a different country (US), why can't they be compelled to keep logs?
I understand the company is in Switzerland and their laws say as much, but most companies, with little exception, have to follow the laws in the jurisdiction they're operating.
Seems like any country could compell them to save/store logs on those servers.
Furthermore, I'm certain intelligence companies could just tail the traffic in and out of those servers to see a little of what's going on.
I really don't care if they kept logs, it's still better than my ISP.
Sort by:
Best
Open comment sort options
Comments Section
Uhh... no? Laws exist. You can't just barge into a datacenter and force them to keep the logs just because.
That's why mullvad doesn't have servers in India for example, where datacenters/VPN providers actually forced to log things.
Yeah I didn't mean barge in. I meant warrant and subpoena if they had a reason to.
Suppose then they wouldn't have servers in those countries.
Switzerland<>Sweden
Great question!
In general, warrants can only look for data that exists. They cannot compel a company to start collecting information. At best, it would prevent the deletion of data.
Countries can pass laws requiring the collection of information. Mullvad doesn’t operate servers in those countries.
Outside of law, because Mullvad doesn’t have a mechanism to collect data, they cannot be forced to add it.
You have a valid point.
If a server is located physically inside the country and the legal authorities in that country compel the server management company whoever they are in that country to maintain logs, the VPN that runs that server can shut the show down going forward. If they do not shut that server down, they will be compelled to obey the laws of the country in which the server is physically located.
That is why many VPN companies have virtual servers for certain countries for specific locations including the US. These virtual servers will not be physically located in the country but will provide an IP address as though traffic is emanating from that country.
Say more about that last point. I thought they used data centers in the location they claim. I suppose they could be virtual and easily shut down.
Most of the questions you have are answered on their website.
https://mullvad.net/en/blog/clarifying-our-no-logging-policy
https://mullvad.net/en/help/no-logging-data-policy
If people just read the blogs.
They actually can and even Mullvad acknowledged this might be an issue
"Possible threats to single hop VPN
A key question is whether you can trust the data center where the VPN server is located. VPN services such as Mullvad rent or lease servers from data centers all over the world for their network. VPN servers are encrypted, secure, and under the control of Mullvad, thereby preventing third-party access to sensitive user-data and traffic.
But, the data-center could be forced, or unknowingly equipped with monitors of incoming and outgoing traffic, on the VPN server."
Can read further here: https://mullvad.net/en/help/multihop-wireguard