77
submitted 3 months ago by communism@lemmy.ml to c/privacy@lemmy.ml

I've been reading through Signal's government requests and couldn't find a similar section on Mullvad's website. I'd be curious to read about them if there are any. It would seem unlikely to me that Mullvad has never received any kind of court order for information about a user.

top 30 comments
sorted by: hot top controversial new old
[-] c0smokram3r@midwest.social 51 points 3 months ago
[-] communism@lemmy.ml 14 points 3 months ago
[-] Darkassassin07@lemmy.ca 45 points 3 months ago

Yup, Swedish police issued a search warrant and raided Mullvads offices last year. They left empty handed as Mullvad does not retain ANY customer data.

[-] delirious_owl@discuss.online 20 points 3 months ago

They even stopped allowing customers to pay with credit card recurring payments because they didn't want to store customer payment info that could harm their users.

[-] electric_nan@lemmy.ml 10 points 3 months ago

I currently pay Mullvad with a recurring charge on my credit card.

[-] delirious_owl@discuss.online 4 points 3 months ago

They brought it back? That's concerning

[-] ReveredOxygen@sh.itjust.works 6 points 3 months ago

They realized banning convenience is bad for business. You can still pay in private ways

[-] delirious_owl@discuss.online 2 points 3 months ago

When they announced it, they said it would be bad for business, but that they valued their customers privacy more than the cost it would cause in lost business.

[-] OhVenus_Baby@lemmy.ml 7 points 3 months ago

Once their servers are unplugged they lose all value. While their online and running that could be a different story.

[-] tetris11@lemmy.ml 2 points 3 months ago
[-] OhVenus_Baby@lemmy.ml 2 points 3 months ago

Possible but with physical access needed. Which makes things much more difficult. At least for servers under Mulls control vs rented servers from a provider in each locale.

[-] eya@lemmy.dbzer0.com 26 points 3 months ago
[-] mipadaitu@lemmy.world 38 points 3 months ago

That's a bit misleading, they did receive a request, and a search warrant was attempted, but since the data they wanted didn't exist, nothing happened.

Good link, but just the word yes didn't accurately answer the question.

[-] eya@lemmy.dbzer0.com 23 points 3 months ago

just the word yes didn’t accurately answer the question

correct, which is why the link was provided. the OP can figure the rest out, as you did

[-] ShortN0te@lemmy.ml 7 points 3 months ago

Since you are pedantic. The answer yes is absolutely correct and not misleading. The question was "Has given a court order to reveal..." and not "Was revealed personal information 'cause of a court order".

[-] msage@programming.dev 6 points 3 months ago

You sir are technically correct.

The best kind of correct.

[-] communism@lemmy.ml 4 points 3 months ago
[-] aiccount@monyet.cc 21 points 3 months ago* (last edited 3 months ago)

What could they even give? They don't even ask for an email, and they claim to run everything you browse as RAM that never gets held or recorded.

[-] communism@lemmy.ml 8 points 3 months ago

Yes if you get a court order for data you don't hold, you don't have to provide data you don't have access to. I wasn't expecting that Mullvad would have any useful data to give, I just wanted to read their response/commentary is all

[-] NegativeLookBehind@lemmy.world 5 points 3 months ago

Credit card numbers, assuming you would pay for the service that way

[-] aiccount@monyet.cc 0 points 3 months ago

I don't see why people would use a credit card to pay for a vpn, it seems like it would totally defeat the purpose. I guess if you get ahold of an anonymous card then it would be fine, but using a card in your name to pay for an anonymous service just seems wacky to me.

I'm curious, does anyone here pay for their vpn with something thatvis in their name? If so, why?

[-] Railcar8095@lemm.ee 21 points 3 months ago

Because that's not our threat model.

I want to be anonymous for the sites I visit. I want my ISP, who's likely selling my data, to have none. I want to use a WiFi without anybody sniffing.

I'm lucky enough to live in a county were I'm not prosecuted for my ideas or who I am, and I'm not doing anything illicit aside from torrent.

So the hassle doesn't seem needed in this case. If I think Mullvad can harm me if they know my name, then I wouldn't use it at all, even with private payments.

[-] fluckx@lemmy.world 13 points 3 months ago

Anonimity is keeping your identity private, but not your actions.

Privacy is keeping your actions hidden, but not your identity.

Using a VPN will hide your IP and make you more anonymous online. Using a personal CC to buy the vpn does not compromise that and does not defeat the purpose at all.

Only if your specific account ID is compromised could the personal CC be used against you by identifying you. E.g.: "they" found your bad email in an inbox of somebody who is less privacy conscious and are trying to figure out who festybear69@... is.

It depends on what your use-case/threat model is.

[-] GustavoFring@lemmy.world 8 points 3 months ago

What purpose is it defeating if they are not storing anything besides your credit card payment information?

[-] vxx@lemmy.world 6 points 3 months ago* (last edited 3 months ago)

Yeah, if they're looking for your data on VPN services, they obviously already know you use it, most likely because of the IP.

[-] AllNewTypeFace@leminal.space 21 points 3 months ago

IIRC, they get requests for data, and, if the request is valid, hand over what they have, which is virtually nothing as they don’t keep logs. There is no provision in Swedish or EU law that could compel them to start keeping logs.

[-] LodeMike@lemmy.today 16 points 3 months ago

They also "retain lawyers to monitor the legal landscape should they need to move core parts of [their] business"

[-] TheBigBrother@lemmy.world 1 points 3 months ago

Why would they?, there is nothing they can found anyway.

[-] communism@lemmy.ml 8 points 3 months ago

They'd get nothing helpful from Signal either and yet governments still do it. Governments often don't know what they're doing and are used to just being able to ask companies for user data

[-] OhVenus_Baby@lemmy.ml 2 points 3 months ago* (last edited 3 months ago)

Nothing majorly helpful. They show account creation date, last seen date with time stamps for creation and last seen. Phone number used to register, account ID as a number, sealed sender from anyone such as true or false, find your account by contacts true or false. Badges by number such as 1 or 0. And user agent as letters. That's about it. Anyone can pull their log file they keep under account settings anytime inside the app.

this post was submitted on 08 Aug 2024
77 points (98.7% liked)

Privacy

31974 readers
216 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS