Also based on your reply on a sibling thread, is this a legit question (you expect that there is a way but you're not sure how) or are you just waiting for someone to bite just so you can state your case about proving a negative?
replyNot sure which thread you're referring to, but yeah, it is a legit question. I genuinely wondered what made the OP state that it's proven that mullvad doesn't collect logs. While I don't think it's possible at all to prove that some software is running on a remote server, or that this software doesn't collect logs, some people try to find a way to do that, for example Signal claimed that one can verify code running on their servers by code attestation feature embedded in their Intel SGX enclaves, see https://signal.org/blog/private-contact-discovery/
replyStart by the fact that in their system you are just a random number that is generated at the moment you arrive in their website. They make very easy to pay without having to use any of your personal data, like Credit Card. Overall I think if a company put so much effort on that side, they simply don't have any data to log, or if they do is pretty anonymous anyway :)
replyWhile their account privacy policy is commendable, it isn't a proof for not collecting logs.
replyEven without personal details you can collect quite a lot of data - ip address that uses certain VPN account, which servers it talks to while using vpn, at what hours, at what intervals, also all the plaintext data exchanged between client and server. A lot of data that someone (who might already have your ip address mapped to your personal info, for example your ISP, or an online store where you shopped something before you turned on the VPN) would be willing to pay good money for. And companies like money.
The usual proof is whether law enforcement agencies can force the company to share such data
reply