Mullvad VPN was subject to a search warrant. Customer data not compromised

On April 18 at least six police officers from the National Operations Department (NOA) of the Swedish Police visited the Mullvad VPN office in Gothenburg with a search warrant.
They intended to seize computers with customer data.


I moved to Mullvad few days ago. on one hand that incident demonstrate they reliability. on the other hand its extremly concerning that Police officers just showed up like this with search warrants


I’ll count this as a win. Shows Mullvad’s transparency by making it public, and that they really don’t have any data to offer, which is all too uncommon these days.


That is their job, to be fair.


With VPNs it comes down to trust as there is no way to verify if a VPN provider store or messes with your traffic.
However, there are practical alternatives to VPNs like Multi-Party Relays (MPR), which provide privacy in the architecture itself.

I’m not sure I trust Invisv, they seem like a new company and their app only has 5,000 downloads on Google Play. Also couldn’t find any source code for any of their products, it seems rather fishy to me at first look.

Ideally you would use Tor if you need privacy from the service provider itself.

MPRs (Multi-Party relays) are still a new technology first introduced by Apple at WWDC 2021 as iCloud Private Relay. If Invisv has implemented MPR as stated, you don’t have to trust them with your traffic because no single party (in this case Invisv and fastly) can see both who you are and what sites you’re visiting.
Hopefully, we will see more options in the future.

Tor is slow and isn’t really the best option for web browsing. MPRs offer the best of both worlds by using Tor like architecture while maintaining high-performance browsing experience.

1 Like

I will definitely keep an eye on it, but for now I will keep using VPNs and Tor as they are generally widely recommended.

Actually based on how the police behaved, as an American I am deeply jealous of how reasonable they were. From the Mullvad link in the OP:

In line with our policies such customer data did not exist. We argued they had no reason to expect to find what they were looking for and any seizures would therefore be illegal under Swedish law. After demonstrating that this is indeed how our service works and them consulting the prosecutor they left without taking anything and without any customer information.

Dramatic re-creation…

Police: show up and demand customer data.

Mullvad: “it’s encrypted bro, check it out”

Police: “That makes sense, thank you for time and sorry to bother you”