VPN firm warns against encryption backdoor in new ad

"The only way to stop data from ending up in the wrong hands is by not collecting it in the first place." This is the claim included in an ad from one of the best VPN providers around that ran on Monday, January 20, 2025, in the New York Times.

Through a cartoon-style FBI agent, the Swiss company Mullvad seeks to shed light on the tensions between technologists and law enforcement around encryption.

On one side, the recent Salt Typhoon hack – which compromised all major US telecoms – prompted US authorities to call on citizens to switch to encrypted communications. At the same time, however, the FBI referred to "responsibly managed encryption." For Mullvad, this means one thing – creating backdoors to end-to-end encryption.

"This proves they have not understood anything at all and are not learning from their mistakes. They don’t understand the basics: if you create backdoors, they will be exploited by others, as happened in the Salt Typhoon case," Jan Jonsson, CEO at Mullvad, told TechRadar, adding that the campaign is a way to raise greater awareness around this issue.

Encryption – which refers to scrambling data into an unreadable form to prevent unauthorized access – is the guarantee that your messages (for example, when you use Signal or WhatsApp) or internet connections (think of how virtual private network (VPN) apps work) remain private between you and the receiver.

Despite recognizing the importance of using encrypted messaging apps, law enforcement has long argued that police officers should be able to access these encrypted messages to catch the bad guys.

This is not a prerogative for US authorities, either. EU lawmakers, for example, are also pushing for the so-called Chat Control proposal. If enacted, this will require all encrypted communication providers to create such an encryption backdoor to allow the monitoring of all citizens' chats on the lookout for illegal content.

Ironically, the day that Mullvad decided to run its ad in the New York Times, the Financial Times published an article reporting the Europol chief's endorsement, yet again, of "responsible encryption."

"Mass surveillance does not belong in democratic societies. We want people to know their rights and demand their rights," said Jonsson. "And we want the politicians to realize that there is no such thing as anonymous data, that data collected eventually leaks, and that it is high time for authorities to stop mass-surveilling their own and other populations."

More of Mullvad's privacy-focused ads

This was the third in a series of ads, run by Mullvad, in the popular US paper to raise awareness about the risks of intrusive data collection and sharing.

Published on January 8, the first ad pictured a leaking car and came as a response to the Volkswagen data breach that exposed the sensitive information of over 800,000 electric vehicles. A leak, Mullvad explains, that shows that there is no such thing as anonymous data.

Jonsson said: "We cannot have a society where people’s lives are tracked under the excuse that the data is anonymous when patterns in the data reveal the person behind it."

A week after, on January 17, a second ad featured a short comic strip shedding light on a few distinct, yet entangled, issues linked with Big Tech's invasive data collection practices.

By tracking everything people do online, according to Mullvad, Big Tech companies are mapping people's ideas before they're even voiced aloud, de-facto undermining their right to free expression.

The VPN provider also believes that banning metadata collection – meaning all the information about the data that is not the content – could also be an easy way to resolve the problem of misinformation from its root. That's because Jonsson said: "Personal data is what is used to create the algorithms that fuel the spread of misinformation."