VPNs Without Logs
Basically, VPNs apply three kinds of logging policies. Either they keep browsing logs (not good), record connection logs (not great), or they don’t keep any records at all (fantastic). The latter does not mean there are no logs, it simply means the VPN service provider deletes its logs once they are no longer required.
You should be aware that many free VPNs would track and keep logs about your browsing history. This is how they make money: by selling this information to interested parties such as advertisers, marketers, and service providers. The personal data a VPN service may collect also include your IP address, connection times, and any metadata. Actually, you can find paid VPNs that also collect personal data and logs, acting as spyware instead of protecting your privacy, so we recommend going with a reputable and well-known service.
In contrast, VPNs may only collect data about your connection. The data may include details like connection date and time, connection data, and your IP address. Many VPN providers claim they use this data to optimize their VPN network. While this might be true, we recommend to read the fine print and ensure that connection data is clearly defined.
Then we come to a no-logs scenario, which is the desired service. However, it is almost impossible to implement despite that most VPNs are boasting zero-log policies. Why is it hard to implement in practice?
Each VPN service imposes limitations on the number of devices you can connect simultaneously, for instance. It is quite challenging to implement such limitations without having any logs. The same applies to bandwidth restrictions that are in place across many VPN services. However, these VPN providers should delete the logs, either when you disconnect or at pre-defined intervals. Therefore VPN providers that claim a no logging policy are actually keeping temporary logs, that store limited data, that is deleted and not stored for future use.
So, scrutinize any zero-logs policy by checking all the provider’s terms and conditions and their specific terms for using the service. What’s more, make sure to choose a VPN provider that is based outside the reach of major governments i.e Cayman Islands and Panama.
How VPN Logs Expose Your Privacy
Let’s look at a recent example where the US authorities were able to track down a person who allegedly stalked a former roommate by analyzing his VPN logs. The man was using the service of PureVPN who say on their website that they are “… keeping your IP, identity, and data protected” and also “… embrace complete anonymity”.
Although they do not claim complete no-logs policy, the above statements imply such a policy. How on Earth can you keep your anonymity if they keep logs about you?
The truth is that the VPN provider did keep logs in this case as an official press release reads “… records from PureVPN show that the same email accounts … were accessed from the same WANSecurity IP address.” End of story.
And thus, we come to the problem with official spying by government agencies. It is not a secret that many software apps have backdoors installed under pressure from governments. The same applies to VPN services where government agencies force service providers to keep logs. We will not discuss whether this a good or bad policy but the fact remains – many parties are eager to snoop on your connections to the Internet.
Here is a sample list of what logs a VPN provider may keep on you:
- Your name
- Your email address
- Your phone number
- Your IP address
- Your devicetype
- Your operating system and browser
- Bandwidth data
- Connection timestamps
However, many other properties of your VPN connection can be added to the list.
Misguiding Statements by Zero-logs VPNs
Advanced users have no problem using a reliable VPN, as they know how aggregated and tempory logs are used e.g. username and password. The problem is with the average user who is being misguided by marketing-driven statements about zero-logs or no-logs policies that are not possible to implement in the first place.
While most VPNs claim zero-logs policy on their homepage, only the most obscure of them do not disclose the presence of such logging in their terms and conditions. So, read carefully what a VPN provider is disclosing in regard to browsing and connection logs.
Furthermore, you should pay attention to details such as how a VPN service provider defines their no-logs policy i.e. what they consider a log. As there is no universal definition of what is a “no-logs VPN”, so a provider may well boast zero-logs policy while actually keeping certain logs about your connections and online activity.
A number of leading VPNs have their headquarters in countries that have no data retention laws in place. They claim that this way they are not forced to keep records about their users. On the other hand, you will find it very hard to hold a VPN based in Latin American accountable for delivering on a false promise. Thus it is a complicated thing, really.
When Can You Trust a VPN?
Based on the above, we can say that a reliable VPN service is built on trust. If you can find examples where a VPN service provider was lying about their zero-logs policy by handing personal data or connection records to the authorities, then you cannot trust them when privacy is concerned.
Look, it is not about conducting illegal activities by hiding behind a VPN. It is about a privacy clause, from a service provider, that you entered into a contract with. Either there are logs or there are no logs. And you should clearly know if they are keeping logs, as well as what specific logs are being kept and for how long.
There are a few recent examples involving VPNs whose servers were seized by the authorities in different countries in an attempt to reveal info about certain users of the respective VPN services. In some of the cases, the authorities did not manage to extract any information from these VPN servers simply because the VPN provider did not keep any logs, as promised. Sadly, however, this is the only way you can really verify if a VPN is delivering on its promise.
Alternatively hackers have also tired to gain access to a VPN server, so that they can track a users behaviour (similar to the data an ISP collects). This however doesn’t expose the encrypted tunnel created by VPN application and as such is a smaller issue.
Therefore, researching a VPN service before opting for it is mandatory. We have a list of a few VPN apps that apply zero-logs policy although we advise you to check their privacy policies yourselves and decide whether they meet your requirements.