The phrase in the title is a common trope that comes up when VPN services are discussed. While this statement is technically correct, it can be misleading, as it implies that all providers handle law enforcement requests and prepare for worst case scenarios similarly, so their conduct cannot be a differentiating factor when you evaluate them.
Considering this is straight from a VPN provider, take this with a boulder-sized grain of salt.
And I say that as someone who believes using a VPN is generally more beneficial than not. And espouses most of that advice regarding the VPN.
Even if a VPN were totally benevolent and gave daily tours of its office, there’s still no 100% guarantee their claims can be verified at all times. So there’s always an element of trust. (I trust most of the ones outside of the Eyes countries more than my home ISP, though. )
I would put Mullvad and IVPN up there as the two VPNs I’d trust most to do things right, but I still agree with everything you’ve said.
I’d put cryptostorm up there too
As others have said, Mullvad is pretty close to (if not at) 100% guarantee… No personal info whatsoever is required to be given when you sign up (including email address or payment information; you can use Monero if you want), so there isn’t really anything that they could give to authorities even if they wanted.
Even if they did keep logs (which im 99.9% sure they don’t), all that would show is an IP address, and from what I understand based on past precedent, that is not enough to identify a person on its own. But IANAL.
The purpose of these corporate white papers is to inform (impress) potential customers of actual issues. It demonstrates knowledge and implies that the company has the ability to leverage their product or service to meet whatever the challenge is.
I wouldn’t say boulder-sized because the meat of the article is true, but yes a bit of skepticism is always useful.