How does Mullvad's transparency report detail government requests and their outcomes?
Executive summary
Mullvad does not publish a routine transparency report and has told journalists it has no plans to start one because it says it holds no user data to disclose; critics and reviewers say a report would nonetheless build trust (CNET, PCMag) [1] [2]. Independent audits and detailed “system transparency” documents are publicly available and cited by outlets as evidence of Mullvad’s privacy posture, but reviewers note that transparency reports are still recommended (TechRadar, Wirecutter) [3] [4].
1. Mullvad’s stated reason: “we can’t publish what we don’t have”
Mullvad’s position, stated to reporters, is that it does not plan to publish transparency reports because the company lacks verifiable user data to disclose; Mullvad representatives argue that transparency reports would be unhelpful if they can’t be independently verified and that the company simply cannot provide user data in response to requests (CNET) [1].
2. What mainstream reviewers record: no transparency report, but strong audit record
Major tech reviews note Mullvad does not publish a transparency report or a warrant canary, yet they consistently point to repeated third‑party security audits and published technical material as the company’s alternative route to accountability (PCMag, TechRadar) [2] [3]. Reviewers therefore treat audits and system‑level disclosures as Mullvad’s transparency strategy even while urging a formal report (Wirecutter) [4].
3. What a transparency report would normally show — and why critics want one
A typical transparency report lists the number and types of government/legal requests received and how the company responded; critics and some outlets say even a simple log of interactions would help consumers evaluate claims of “no logs.” PCMag explicitly says Mullvad “does not compile a transparency report” and that a simple log would be useful for consumers [2]. Wirecutter and other reviewers likewise recommend an accessible, regularly updated report [4].
4. Evidence Mullvad cites instead: audits and “system transparency” papers
Mullvad publishes third‑party audits and technical documents such as its System Transparency whitepaper, which describe cryptographic and operational measures designed to make server behavior verifiable without exposing user data; outlets cite these as substantive steps toward verifiability (TechRadar, Mullvad blog/system transparency) [3] [5] [6].
5. Competing perspectives: auditors vs. independent testers
Security audits from firms named in coverage (Cure53, Assured AB, Radically Open Security) are treated by TechRadar and others as confirmation of Mullvad’s no‑logs claims [3]. By contrast, independent review sites like vpntester.org raise skeptical technical interpretations—claiming stored connection metadata could in practice identify users—arguing Mullvad’s no‑logs messaging can be misleading [7]. Both perspectives appear in public reporting and reflect different readings of the same or related technical claims [3] [7].
6. Missing data and limits of available reporting
Available sources do not include a Mullvad transparency report detailing numbers of government requests, types of orders, or granular outcomes; PCMag and CNET explicitly say Mullvad lacks such a report and has no plans to produce one [2] [1]. Thus, claims about how many requests Mullvad receives or how it responded cannot be sourced from the supplied material—those figures are not found in current reporting [2] [1].
7. Practical implication for users weighing trust
If you need documented counts of legal requests and responses, Mullvad’s current public record (audits, system transparency documentation) will not satisfy that specific need because it does not include a conventional transparency report; reviewers recommend such a report as a trust‑building measure even while acknowledging Mullvad’s broader audit and engineering transparency (PCMag, Wirecutter, TechRadar) [2] [4] [3].
8. What to watch next
Journalists and privacy analysts recommend watching Mullvad’s audit cadence and any changes to its public disclosures: outlets urge annual reports or regular summaries to fill the gap reviewers see today (Wirecutter, TechRadar) [4] [3]. Mullvad’s public stance against creating a transparency report is explicit in interviews cited by CNET; unless that policy changes, the company will continue to rely on audits and technical papers rather than incident‑level reporting [1].
Limitations: This analysis relies solely on the supplied sources. No supplied documents contain an actual Mullvad transparency report with government‑request counts or individual request outcomes, so such details are not reported here [2] [1].