Yeah, you can make an account with Proton anonymously via Tor. And pay for the service in Cash. The only thing literally being saved is your password which Mullvad doesn’t need as it is not a traditional account. You will still need to store the Mullvad username somewhere, and you’ll have to do the same with Proton.
Again, I don’t see the big differentiator here where any other “meta data” is collected.
With Mullvad, you only need a random numbers, that is it. You don’t need an email, even a temporary one, and you don’t need an account at all. You don’t need an email and an password. You don’t need to provide a payment method.
Proton on the other hand wants everything above.
You can store your Mullvad account number in a text file and delete it after 30 days and then create another one without hassle.
(afaik) This (rather expensive) “protection” is needed because Mullvad is going all-in on WireGuard. OpenVPN, for instance, doesn’t need these?
Proton has credential-less mode live on Android, which is similar to Mullvad’s (and Windscribe’s?) implementation. Things are moving in the right direction.
For devils advocate, you’d have to trust both an email provider and a VPN for Proton (paid) vs Mullvad without needing any other third party service to register. More entities is a larger surface to make mistakes depending on the threat model. Mullvad also supports cash and Monero for payment.
In general, I’d say it boils down to trust and the privacy laws in the jurisdiction of the company. I “trust” Mullvad more than Proton with respect to privacy. Mullvads entire business is solely around being a VPN and providing privacy respecting services (like Leta, Mullvad Browser), while Proton is focused on security services.