Proton VPN: 458 Court Orders Since 2017, and Still Zero Data Handed Over
47 requests in six months. 47 refusals. Proton has published its transparency report for Proton VPN for the first half of 2026. Every court-approved request in Switzerland aimed to identify the user connected to a specific server, at a specific time, on the VPN infrastructure. Each time, Proton says it had nothing to provide, highlighting its no logs policy.
47 requests, 458 in total, and the same answer every time
Proton VPN's transparency report was updated on July 14, 2026. It lists the legal orders received by the Swiss company, starting from the moment they were approved by the Swiss authorities. Proton takes the opportunity to remind readers that only requests from Swiss courts have real legal weight, and that Swiss regulations forbid it from responding directly to a foreign request that has not gone through the Swiss judicial process (this would fall under the Criminal Code).
The annual tally published by Proton is as follows:
- 2026 (through June): 47 orders received
- 2025: 59 orders received
- 2024: 53 orders received
- 2023: 60 orders received
- 2022: 80 orders received
- 2021: 121 orders received
- 2020: 37 orders received
- 2019: 1 order received
Each time, the request was denied. In total: 458 orders since the service launched in 2017, and 458 refusals. The reason given is always the same. All of the requests sought to link a server IP address and a timestamp to a user, information that Proton says it is unable to provide because it keeps no connection logs.
These figures concern Proton VPN, not Proton Mail. The email service has a separate reporting system. That makes sense, since an email account inherently involves the storage of data. The Proton Mail record is different, and there have in fact been several cases.
The most recent dates back to March 2026, when 404 Media uncovered an FBI agent's sworn statement showing that Proton Mail had provided Swiss authorities with a bank card identifier linked to the account of an activist in the "Stop Cop City" movement in Atlanta, through a mutual legal assistance request dated January 25, 2024. The FBI traced the card to the bank, then to the name. Encryption was not broken; billing metadata did the talking.
A commercial selling point, and a legal framework under pressure
This report indirectly highlights Proton VPN's no-logging policy (No Logs). It is often a selling point for VPN providers. If it is genuine and not just marketing, it is indeed hard to provide what you do not have. The report also helps document behavior over time, while keeping in mind that Proton VPN's No Logs policy has been audited by external organizations.
The bigger question remains legal, not technical. This entire architecture rests on one point: Swiss law does not require Proton VPN to keep connection logs. But if you follow the news even a little, you know there have been heated discussions on this topic since January 2025, with the planned revision of the OSCPT (ordinance on the surveillance of postal and telecommunications correspondence) and the OME-SCPT. I wrote about this when Proton threatened to leave Switzerland over a surveillance proposal deemed more intrusive than the U.S. framework. That file is still open and could affect Proton VPN in the future.
In other words, the 458 refusals documented by Proton to date describe the state of the law, not an immutable technical guarantee. If retention requirements were to change in the future, the report might no longer be as reassuring as it is today.
You can find Proton VPN's transparency report on this page.
What is your opinion on the matter?


