LONDON, January 28 — Mullvad’s January 2026 decision to end its anonymous-account trial program is the kind of policy change that will, in the medium term, be remembered as a category turning point. The provider had, for nearly a decade, run the most low-friction privacy-respecting trial program in the consumer VPN category: a randomly generated account number, no email, no payment until you decided to subscribe, and a free trial of meaningful enough length that it could function as a genuine evaluation period. As of January 14, the trial program is gone. New users now have to subscribe before they can use the service, even though the post-payment service itself remains as account-anonymous as it was before.
The operational reasons are defensible. The competitive consequences for the privacy-tooling category are not, on net, good.
What changed and what didn’t
The change is narrow on its face. Mullvad’s post-subscription privacy posture is unchanged: the random account number model remains, payment can still be made via cryptocurrency or cash mailed to a Swedish PO box, no personal information is collected at any point, and the no-logs commitment is unaltered. What changed is the entry path. The free anonymous trial that previously let a prospective user verify the service worked on their network and with their use case — before any financial commitment — is no longer available.
For users who already trust Mullvad enough to pay before evaluating, this is a non-event. For users encountering the provider for the first time, particularly users coming from threat models in which any payment trace is a concern, the friction is meaningful. Mullvad has effectively traded a category-leading evaluation experience for an operational profile that the company has, in its public statement, said was being abused at sufficient scale to warrant the change.
That claim is credible. Free anonymous trials at scale have always been operationally hard to defend against fraud and abuse, and the abuse pattern at any reputable VPN provider with a low-friction trial program is well-documented in the trade literature. The question is not whether the abuse was real. The question is whether the change is proportionate to the threat and what it signals to the broader category.
The category signal
The category signal is the harder problem. Mullvad has, for most of the last decade, occupied a specific role in the consumer VPN ecosystem: the provider that defined the upper bound on what privacy-respecting consumer VPN service could look like. Its account model, its payment options, its audit history, and its trial program collectively set the bar that other providers were measured against. When that provider compresses the most user-friendly element of its trust model, the rest of the category gets implicit cover to do the same.
The data suggests this is already happening. IVPN — historically the closest peer in trust posture — quietly compressed its trial program in late 2025. ProtonVPN’s free tier remains generous but has added increasingly detailed account requirements over the same period. The privacy-respecting consumer VPN category in 2026 is structurally less anonymous-trialable than it was in 2023, and Mullvad’s January policy change is the most visible single move in that direction.
This reflects a structural shift in how privacy-tooling providers are choosing to balance fraud-defense against the threat-modeling needs of their most privacy-sensitive users. The trade-off is real and it is not, in the abstract, illegitimate. The cumulative effect across the category is harder to defend.
What it does not mean
It is worth being precise about what this change does not mean, because the privacy-tooling discourse on this topic has been less precise than it should be.
Mullvad has not become a less privacy-respecting provider in any operational sense. Post-subscription, the service is what it was. The audit history is what it was. The no-logs commitment is what it was. Users who already trust Mullvad’s overall posture have no reason, on the available evidence, to revise that trust. The change is at the entry point, not in the steady-state service.
Mullvad has also not, on any reasonable reading, capitulated to a regulatory pressure or a law-enforcement demand. The January policy change reads as a straightforward operational decision driven by abuse economics, and the company’s public statement supports that reading. The privacy-community speculation about hidden regulatory pressure is, on the available evidence, unsupported.
What has changed is the discoverability of the service for the most privacy-sensitive cohort of new users, and the implicit category permission for less rigorous providers to follow.
The Consumer Tech Wire view
For users currently subscribed to Mullvad and satisfied with the service: no action is required, and no change in trust posture is warranted. The service is what it was.
For users evaluating a VPN provider in 2026 from a threat model where anonymous evaluation matters: the options have narrowed. The right move in most cases is to evaluate via short paid subscriptions to two or three providers, accept the small payment friction, and treat the evaluation cost as the cost of having a choice in 2026’s compressed market. Mullvad remains a reasonable candidate for the final selection.
For the privacy-tooling category as a whole: the trajectory is concerning. The data suggests we are moving toward a 2027 in which the consumer VPN market is structurally less anonymous-evaluable than it has been at any point since 2018, and that trajectory is not driven by regulatory pressure but by the cumulative operational decisions of individual providers. The privacy community would benefit from a more deliberate conversation about what the floor on anonymous evaluation should be, before the floor moves further.
We will be updating our 2026 VPN provider audit to reflect the trial-program changes across the category and will publish a revised version in May.
Tomas Whitfield-Asari reported from London. This analysis reflects the views of its named author and Consumer Tech Wire’s editorial board.