You can’t prove otherwise unfortunately, you have to trust the provider.. trusting only.
I would personally stay away from proton for anything, vpn or email, I’ve been following their news since started and a lot of sketchy things about them, you can read about some of it here (1), the CEO of protonvpn and Tesonet (data mining company) is the same person, they used to have a lot of vulnerabilities and bad patching system (2)(3). There are other stuff about it can’t find the reference for right now (hmmm?), but I can dig deep later if needed.
Mullvad has been better so far, I personally use / used it, last two years been really bad with their network, and recently they stopped port forwarding (4), but again, you have to trust them.
The second and third articles are over 5 years old, that attack also requires a device to already be compromised. Proton VPN undergoes annual security audits and is also open-source, so anything "sketchy" (like if the app were actually data mining) could be quite easily and quickly discovered.
I would personally stay away from proton for anything, vpn or email, I’ve been following their news since started and a lot of sketchy things about them, you can read about some of it here (1), the CEO of protonvpn and Tesonet (data mining company) is the same person, they used to have a lot of vulnerabilities and bad patching system (2)(3). There are other stuff about it can’t find the reference for right now (hmmm?), but I can dig deep later if needed.
Mullvad has been better so far, I personally use / used it, last two years been really bad with their network, and recently they stopped port forwarding (4), but again, you have to trust them.
(1) https://encryp.ch/blog/disturbing-facts-about-protonmail/
(2) https://blog.talosintelligence.com/vulnerability-spotlight-m...
(3) https://www.scmagazine.com/news/network-security/protonvpn-a...
(4) https://mullvad.net/en/blog/2023/5/29/removing-the-support-f...