The terms “5 Eyes“, “9 Eyes“, and “14 Eyes” often appear in the privacy community, especially when discussing VPNs.
In short, these are just international surveillance alliances representing various countries around the world. These surveillance alliances work together to collect and share mass surveillance data. In other words, they are essentially acting as one global-surveillance entity to spy on you and record your activities.
In this guide we’ll explain the different “X” eyes surveillance alliances and why this topic is important when choosing a VPN service.
Five Eyes
The Five Eyes (FVEY) surveillance alliance includes:
- Australia
- Canada
- New Zealand
- United Kingdom
- United States
The history of this alliance goes all the way back to WWII and the UKUSA Agreement. This agreement officially formalized a partnership between the United Kingdom and United States for sharing intelligence. The partnership continued throughout the Cold War and has only strengthened following the “War on Terror” and subsequent “terrorist” events.
Edward Snowden brought renewed focus to the Five Eyes surveillance alliance in 2013 when he exposed the surveillance activities of the US government and its allies.
According to Wikipedia, these are the different “5 Eyes” surveillance agencies working together to collect and record your activities:
It is no surprise that some of the Five Eyes countries listed above are also the worst abusers of online privacy:
- United Kingdom – Since the passage of the Investigatory Powers Act in 2016, internet service providers and telecoms have been recording browsing history, connection times, and text messages. The data is stored for two years and is available to UK government agencies and their partners without any warrant necessary.
- United States – The US government has been implementing Orwellian mass surveillance collection methods with the help of large telecoms and internet service providers (see the PRISM program). Recently internet service providers have been given the legal authority to record user activity and sell this to third parties (and you can’t opt out).
- Australia – Australia has also implemented sweeping data retention laws similar to the United Kingdom. (See the best VPN for Australia guide.)
Broad authority – The other drawback with these Five Eyes countries is that they have tremendous authority to force companies to hand over data. This is particularly easy for US government agencies, which can also demand non-disclosure through gag orders.
Nine Eyes
The Nine Eyes countries include all of the previous Five Eyes countries plus:
- Denmark
- France
- Netherlands
- Norway
The existence of the Nine Eyes alliance is referenced in Wikipedia and other sources online. It is just an extension of the Five Eyes alliance with similar cooperation to collect and share mass surveillance data.
14 Eyes
The 14 Eyes surveillance countries include all of the previous Nine Eyes countries plus:
- Germany
- Belgium
- Italy
- Sweden
- Spain
As before, the original surveillance agreement was extended to these other countries. The official name of this group of countries is referred to as SIGINT Seniors Europe (SSEUR).
Additional surveillance partners
+ Israel – Israel must be included when discussing the Five Eyes surveillance partners. As many sources point out, it is one of the closest partners with the US government and National Surveillance Agency (NSA). Here are a few examples documenting this:
- Wikipedia claims Israel is an official “observer” to the Five Eyes alliance
- Source – NSA shares raw surveillance data directly with Israel; very close cooperation between US/Israeli surveillance agencies
- Source – “Shady Companies with Ties to Israel Wiretap the USA for the NSA”
- Source – Israeli authorities yield wider surveillance powers than US authorities
+ Singapore, South Korea, and Japan – Singapore and South Korea are also reported to be close partners in the Five Eyes alliance. Japan also appears to be a close surveillance partner with the United States (source; source; source).
+ British Overseas Territories – It should be noted that the different British Overseas Territories also fall under varying degrees of UK influence. While many of these territories exercise some independence, they are still legally connected to the United Kingdom.
VPN services located in 14 Eyes countries and territories
Note: this list includes VPNs that are located in:
- Five Eyes (United States, United Kingdom, Australia, Canada, and New Zealand)
- Nine Eyes (Five Eyes + Denmark, France, Netherlands, and Norway)
- Fourteen Eyes (Nine Eyes + Germany, Belgium, Italy, Sweden, and Spain)
- Additional partners (Israel, Singapore, South Korea, Japan, and all British Overseas Territories)
AceVPN (USA)
ActiVPN (France)
AirVPN (Italy)
AnonVPN (USA)
Anonymizer (USA)
Avira Phantom VPN (Germany)
AzireVPN (Sweden)
BeeVPN (Denmark)
Betternet (Canada)
Blockless (Canada)
BTGuard (USA)
Celo (Australia)
ChillGlobal (Germany)
Cloak (USA)
CrypticVPN (USA)
CryptoHippie (USA)
DefenceVPN (Barbados)
Disconnect.me (USA)
ExpressVPN (British Virgin Islands)
FlowVPN (UK)
FlyVPN (USA)
FoxyProxy (USA)
FrootVPN (Sweden)
FrostVPN (USA)
GetFlix (Canada)
GhostPath (USA)
GooseVPN (Netherlands)
GoTrusted (USA)
GoVPN (Germany)
Hide My IP (USA)
HideIPVPN (USA)
HideMyAss (UK)
Hotspot Shield (USA)
IncognitoVPN (USA)
Integrity.st (Sweden)
Internetz.me (Germany)
IntroVPN (USA)
IPinator (USA)
IPredator (Sweden)
IPVanish (USA)
IVPN (Gibraltar)
LibertyShield (UK)
LibertyVPN (USA)
LiquidVPN (USA)
Mullvad (Sweden)
My Expat Network (UK)
MyIP.io (USA)
MyVPN.Pro (USA)
Netshade (USA)
Newshosting (USA)
NolimitVPN (Singapore)
Norton WiFi Privacy (USA)
OctaneVPN (USA)
Opera Browser VPN* (Norway) [Note: “Opera VPN” is not actually a VPN, but instead a proxy.]
OverPlay (UK)
OVPN.com( Sweden)
Private Internet Access (USA)
PrivatePackets.io (British Indian Ocean)
PrivateTunnel (USA)
PrivateVPN (Sweden)
ProXPN (Netherlands)
PRQ (Sweden)
RA4W VPN (USA)
RogueVPN (Canada)
RootVPN (Netherlands)
SaferVPN (Israel)
ShadeYou (Netherlands)
SlickVPN (USA)
Speedify (USA)
Spotflux (USA)
Steganos (Germany)
StrongVPN (USA)
SunVPN (USA)
SuperVPN (USA)
SurfEasy (Canada)
TGVPN (UK)
Torguard (USA)
TorVPN (UK)
TotalVPN (UK)
Traceless.me (Germany)
TunnelBear (Canada)
Tunnelr (USA)
TVWhenAway (UK)
Unblock-Us (Barbados)
Unlocator (Denmark)
UnoTelly (Canada)
Unseen Online (USA)
Unspyable (USA)
VikingVPN (USA)
VPN Gate (Japan)
VPN Land (Canada)
VPN Master (USA)
VPN Unlimited (USA)
VPN.sh (UK)
VPN4All (Netherlands)
VPNAUS (Australia)
VPNJack (USA)
VPNMe (USA)
VPNSecure (Australia)
VPNShazam (Israel)
VPNUK (UK)
WASEL Pro (Netherlands)
WifiMask (Netherlands)
Windscribe (Canada)
WiTopia (USA)
WorldVPN (UK)
Zenmate (Germany)
ZoogVPN (UK)
Does it even matter?
In the end, it’s difficult to determine exactly how much influence a VPN’s jurisdiction has on your privacy and data.
This is especially true when you consider that these surveillance entities operate globally and have the capability to monitor communications around the world. Therefore an “offshore” VPN may not be the silver bullet that some people claim.
Example: US authorities compelled a Hong Kong “no logs” VPN service (PureVPN) to log user data and hand over this information to arrest and prosecute the VPN user (see article). All of this took place with an “offshore” VPN that has a “zero log policy” and promises to make its customers “invisible” to third parties.
This shows that “no logs” marketing claims do not always align with reality. And furthermore, choosing an offshore provider may in fact be worse than choosing a US-based VPN service with good data protection policies and practices.
Ultimately, jurisdiction is just one of many factors to consider when looking for the best VPN service for your specific needs.
If you want additional protection, you may want to consider using a multi-hop VPN chain. Similar to the Tor network, this setup routes your traffic across different VPN server “hops” before exiting onto the internet. Multi-hop VPNs give you a higher level of privacy and online anonymity.
VPN providers offering multi-hop VPN chains include:
- Perfect Privacy (based in Switzerland) – Create self-configurable VPN chains with up to four servers; or use their new NeuroRouting feature, which is a dynamic multi-hop setup that can be used on any device.
- VPN.ac (based in Romania) – Currently offering 18 different double-hop configurations, along with very advanced encryption.
- NordVPN (based in Panama) – Currently offering 16 different double-hop configurations, along with an ad-blocker. (See also 75% discount price.)
- ZorroVPN (based in Belize) – Create self-configurable VPN chains with up to four servers (but they do not offer any apps, so you will need to use third-party software).
Stay safe!
Thanks a ton for such a deep and valuable insight into the subject and also the well-thought reviews (which I’m going through at the moment).
Possible to review ZoogVPN? [https://zoogvpn.com/]
Need to buy a service soon and I see they have a “No” everywhere in this list.
[https://thatoneprivacysite.net/vpn-comparison-chart/]
I’d appreciate it.
Cheers
Hi, could you review, or give us your opinion on Mullvad Vpn? You register without providing any personal information or your e-mail, so would it be a valid choice despite being subject to Sweden jurisdiction?
Hi Sven,
I think it’s time to seriously work for internet decentralization. The situation is getting worse every day.
If we do nothing internet will soon become our prison.
People must think about political system and capitalism more deeply and by themselves.
Things are going really bad on our world. Earth should be a paradise, not a hell. It’s all in our hands.
Regards.
Would tor be within the eyes if they are based in Germany??
Well, the Tor project is based in the US, but anyone can operate a Tor node – they are all over the world.
I need a free vpn that doesn’t log and require opening an account, recommendations?
Please do not recommend vpns that have trials attached to them.
I’d avoid free VPNs. If it’s free, then you are likely the product.
Spot on
I use Opera’s free VPN feature, and VPN addons with Firefox. I don’t see how this makes me a product, and meanwhile I benefit from the advantages of a VPN connection.
Read Opera’s privacy policy, where they describe how your data is collected and shared with third parties, then you will understand.
Hi Sven,I’m not tech savvy,so this may seem a stupid question.If i’m using PIA and firefox when browsing,will this be recorded on my hard drive? thanks for your help.
Hi Jim, the VPN will not be recording anything, but Firefox may be storing your browsing data depending on your browser’s settings/configurations. You can modify Firefox for more privacy using the steps in this guide.
Hi Sven,i use avast internet security and also avast vpn.I have recently set up PIA and quite often find avast softlayer technologies appearing with the country chosen through PIA(very concerning and frustrating).Most common one is 173.192.103.7 US.another is 169.57.1.216. BTW my avast vpn is not on when this occurs.An earlier comment shed some doubt on PIA no logs,your opinions please.Also,if i use firefox and PIA will browsing be recorded on harddrive.thanks.
Hi, you should configure Firefox to keep as little data as possible. PIA is a US-based provider, which is not a good jurisdiction, but it has also had their “no logs” claims confirmed in court.
Regarding Avast, I’m not sure what is going on. I’ve seen that avast antivirus collects quite a bit of data, and last time I checked their privacy policy, this data could also be shared with third parties. I’m not sure about their VPN though.
Something for you to be aware of Sven, to be honest, I think it’s important enough to have it’s own article.
Yesterday, I found that UK mobile networks require “adult verification” when unblocking adult content restrictions, by submitting driving licence or passport details, if you are using a sim car that isn’t on a contract.
Now, the uninformed might think “It’s just to make sure that children aren’t accessing pornography & to safe guard the vulnerable”.
No. This is used to get a registrar of people who use encrypted communication over their ISP’s, plain & simple, because it explains all of the following…
Yesterday, I had to update my NordVPN Windows app, which at the time, was connected to my 4G hotspot. Upon doing this, I could no longer access the Nord app at all.
In addition, on an un-encrypted connection:
-I couldn’t LOAD any VPN website AT ALL.
-As a test, I tried a number of websites that some might consider “fringe” or “politically controversial” & I couldn’t load them without the “adult verification” prompt.
-I tried to install offline, the NordVPN windows app, couldn’t login.
-I setup the Windows 10 VPN IKEv2 & I couldn’t connect to the internet.
-I tried to install a Express VPN (trial) & ProtonVPN on my mobile & it wouldn’t configure (i.e blocked)
Eventually, I solved the problem by connecting to wifi & setting the connection type to “obfuscated”, but if I was with a VPN provider (or was technically unaware) & using a 4G hotspot to access the internet, I would no longer be able to use a VPN without verifying my identity…at all.
Now, what has prompted all this? It’s a recently passed UK law to “protect children”
This is some background info on the law, prior to it’s passing:
https://www.independent.co.uk/news/uk/politics/internet-laws-social-media-child-safety-terrorism-facebook-twitter-matt-hancock-a8360081.html
I wouldn’t be surprised if public wifi does the same thing soon.
I would now say that any VPN provider that doesn’t have a type of obfuscated connection, cannot be recommended for UK users, at all.
Hi Richard. Wow, this is interesting. If you don’t mind me asking, what is the internet provider you noticed this on? So you are saying that standard OpenVPN (non-obfuscated) connections are getting blocked on 4G mobile networks (without verification) and home networks (your WiFi) – correct? It looks like the UK is following in the steps of China and Saudi Arabia with internet censorship. And then there was the recent EU law passed regarding content filters, copyright for news articles, and link taxes. Probably it’s time for an article on EU censorship…
With home (landline) networks, some providers, by default, will have “adult content” restriction & you’ll need to login to your account to remove it. I know that Virgin & Sky have their adult filter enabled by default & while you can load a VPN site, you’d have to disable it to use a VPN connection. I don’t know about BT or Plusnet (BT owned).
https://betanews.com/2016/07/07/sky-broadband-web-filters/
I don’t know exactly how the recent law change may have affected the landline providers outside of what I’ve seen myself, but considering you need to be 18+ to sign a contract, it might vary from provider to provider & might require more research.
But…mobile networks, non-contract pay as you go…100% have adult verification. If you had a new phone & new sim card & tried to install a VPN app using a 3/4G connection, it won’t work, you would need to login to wi-fi to install & then you can use VPN (I was mistaken, non-obfuscated connections work on 3/4G connection…for now), BUT…if you turn on the hotspot feature on the phone & try & connect a laptop that ALSO has a VPN app…that won’t connect using a non-obfuscated connection using windows 10, which means many VPN servers in countries that can’t or for commercial reasons, aren’t available on a obfuscated connection type, if you’re using a 4G hotspot that isn’t age verified.
That is 100%. My concern is that the government will then force Google & Apple to also do age verification.
https://www.thesun.co.uk/tech/5783907/porn-verification-age-scheme-check-date-uk-when/ <— this gives a simple explanation of the law.
I sent the info to NordVPN, which they said they were unaware of & would investigate what to do about it.
https://www.vpncompare.co.uk/wp-content/uploads/2015/10/o2-age-block.png <—this is the screen I was getting when I tried to access some various "alt-media" that was more "right-leaning".
This dispels the lie of "protecting children from porn".
All the mobile networks are forced to comply with this law, I use 02…I checked the other main ones (Three, Vodafone, EE), they all state that age-verification requires an upload passport/Driving licence details, I think it also said about using a card payment, probably to use the credit check facility to confirm identity.
I did mention in my post yesterday about public wifi, well…I've noticed my local supermarket Morrisons blocks VPN (even obfuscated), as well as another large high street business which…I can't remember who it was, just that it wouldn't work, but that is probably related to the fact these business mine the user data for commercial purposes, maybe…
As for the EU…that article 13 is something that should concern us all.
Thanks for the information, Richard. I’m going to do an article on censorship in Europe, and perhaps also one for the UK specifically.
Hello, Is there safe to use a VPN provider from Panama and connect to a local location for accessing local content when the local country is on the 9 eyes list?
As you mentioned about PureVPN giving logging users data but what I know after reading their response on their blog is that they only keep timestamp which is Okay. What do you have to say about that?
Hey,
SaferVPN is not belonging to any of those alliance. I suggest checking our NO LOG POLICY
[link removed] and the privacy policy [link removed]
This has nothing to do with your VPN or your “no log policy”. Israel is a close surveillance partner with the US – see the links and sources in the article.
Hi,
Thank you very much for this site and your work.
Sad for me to see my VPN provider here, It’s office based in Italy.
I noticed, you sometimes advice PerfectPrivacy and VPN.ac, so I looked at their info. I just want to mention that the software they provide is closed-source, so you never can be sure what does this software do exactly. As for me, it looks strange a bit in the context of usage. And it has poor functionality. For example, the VPN I use (but now will look for another) provides an open-source client software, available on gitHub, with lots of views and commits, and so on. It also has much advanced options than PerfectPrivacy’s do, because there is a big suggestion thread on the forum.
VPN.ac looks great for me if there was a way to manage double tunnel on linux with easy steps. I’ll try to find it.
Thank you for this article.
What VPN do you use? Since it’s open source I will check it out on GitHub. Thanks in advance.
It seems that you guys now what you are talking about. I would like to hear a opinion on Mullvad besides that there are part of the fourteen eyes. Looking for a Perfect Privacy alternative
Why ProtonVPN is not on the list? It’s based in a Switzerland and has a cascading VPN option (called Secure Core).
Hi Piotr, check out the ProtonVPN review to see why it’s not recommended here.
Hello Sven,
This sounds so intriguing “you can definitely setup a VPN router to work at all times. And then, for an even higher level of protection, you can connect to the router with your computer, and then connect to another VPN server through your computer, thereby using two different VPNs at the same time. I’m actually testing this out right now with different routers.” If you can get it to work, I hope you will do a how-to guide for it. Since I am using Windows XP I do not know how practical it would be, but maybe I can figure something out.
Chau
Hi Chau, it works fine and is pretty easy to do. The main thing to keep in mind is using nearby servers to minimize latency.
It doesn’t matter!
Or I’d say US provides are safer from the US intels as they are at least protected by US laws!
The US intels don’t care foreign jurisdictions. They don’t have any law to obey outside US and so can operate more freely there.
I remember, after Snowden revelations, many self-proclaimed privacy specialists like “The One Privacy Guy” said Hong Kong was an ideal place for VPN providers to be based in as Snowden chose there. To me, it was obvious that he chose there because of “the enemy of my enemy is my friend” mentality as Hong Kong is a part of China, which is an enemy of the US. So, I called “The One Privacy Guy”‘ a phony because he rated Hong Kong based BlackVPN very highly for that.In fact, long before that, the owner of BlackVPN had admitted they had kept connection logs and called all no log VPNs lairs at Reddit many times. Nevertheless, “The One Privacy Guy”‘ labeled BlackVPN as “No log VPN” and rated it highly. And, later,it revealed that he was a user (and possibly fanboy) of BlackVPN! Back then, many people called me stupid, but now we know who was right about Hong Kong!(You know PureVPN, right?)
Also, I remember, long before then, the exactly same type of FUD or propaganda against US based VPN providers,like “Stay away from US providers and use offshore one!”, was used by FindNot and XeroBank, both of which were Panama based VPN providers and one day suddenly ceased the operations and disappeared. Poor, none of their users caught the con artists. I mean, how could they?—even though the FBI couldn’t touch them because they were an offshore company(What an irony)!
So, don’t say “US VPN providers are bad and offshore ones are better!”.
Also, remember rolling out VPNs is relatively easy and many of VPN providers could be shell companies or one person operations or run by online buddies who have actually never met each other.
So, you’d better not trust VPN providers based in ambiguous offshore countries.(Don’t you remember “Panama papers”?)
Good points Lisie, but it’s a tough call either way. I’d still opt for a provider outside of the US, but jurisdiction is just one of many factors to consider.
Regarding “That One Privacy Guy”, I too am skeptical of many of his claims. See this thread where he is called out for lying by AirVPN staff, but then doubles down on his accusations.
But back to jurisdiction, of course the NSA is a global adversary. But we already know that every large tech company in the US has been forced to cooperate on the surveillance agenda. This has been known for many years now – way before the “Snowden revelations”. A VPN in Switzerland would have a lot more independence and ability to resist NSA influence vs. a VPN in California. Remember Lavabit email?
Sven, I want to thank you for such a fantastic, well-written, and thorough article on a subject I have been researching for a while now. I have used PIA and others. I am constantly amazed by the amount of “Weasel words” used in their “no logs” policies. FWIW, I don’t do anything illegal online, I don’t even want VPN for torrents and stuff like that, I simple want ABSOLUTE Anonymity. Of course I know there is NO way to get that, as IF what someone is doing is high enough priority, all nations and companies will (and perhaps should) give up a user, for example someone planning to kill a few thousand people. The problem I have, and my main motivation for wanting the best VPN I can find, is the fact that western governments DO NOT go after crime, they don’t care about stuff that hurts PEOPLE, only stuff that hurts THE GOVT! This hypocrisy drives me insane, people buy illegal stuff online all the time and they do nothing, meanwhile they go after people expressing simple freedom of speech which is against the flow of the current government or politically correct agendae which are currently fashionable!
I use the internet to research issues of free speech and government corruption. I am therefore very concerned about spying etc. I simply want the most secure VPN service available, while I understand the fact that IF I was wanted badly enough, they could find me. I just don’t want people getting to me without a court order (as I don’t break any laws!)
Before reading your excellent article, I was wondering about NordVPN. I have PIA currently but feel like a change, not really sure why. Nord says two things which encouraged me, and I wonder if you could comment on these two points….
1. Based in Panama – outside the 14 eyes, safer?
2. They have DoubleVPN – I don’t really want to go near Tor network as I am sure that’s the best way to get spied on, but will it help in this case as my entrance is via a Panamanian based VPN?
Also, is it easy to set up a router as you suggested in one of your articles? Can you set a router up to use VPN all the time, and then connect to VPN on machine as well as and when needed?
Sorry, also !!….. do you know how the speeds compare between VPN providers as I like speed!
Thanks
Hi Ed, good points. The hypocrisy throughout the Western world is getting to be ridiculous. They can lock someone up for 10 years for downloading a song in the UK, but they will turn a blind eye to heinous crimes that happen every day. Corruption at the highest levels everywhere you look.
Regarding NordVPN, it definitely has pros and cons – check out the review here. Yes, you can definitely setup a VPN router to work at all times. And then, for an even higher level of protection, you can connect to the router with your computer, and then connect to another VPN server through your computer, thereby using two different VPNs at the same time. I’m actually testing this out right now with different routers. I’m using VPN.ac on the router and Perfect Privacy on my laptop.
Speeds can vary, but NordVPN did not have the best speeds when I ran the results. However, there are so many variables when it comes to speed, it’s tough to make definitive statements.
EEEEEEEEEEEEEEEEEEEEEXACTLY!
“heinous crimes that happen every day” – I more than get your drift, I know exactly what you’re talking about and it’s disgusting that it’s ignored for fear of being called a name, but meanwhile calling someone a name or saying something which might hurt someone’s feelings can land you in handcuffs and worse. It’s a joke.
I don’t think the VPN router option is viable for me, I really don’t know much about routers and settings etc, and would be more likely to make a mistake than I would with software i think. I will definitely keep it in mind for the future though.
For now, PP is the way I am going. I have another question though….
Tails and Tor Browser – It is my thinking that sometimes having a very odd or unusual set up attracts more attention than mixing with the crowd a bit more. For example using a Tor browser via VPN, would that not create a more unique browser fingerprint, by resisting giving any fingerprint?! My current thinking is using a version of Firefox which has some secure options set up, might be a bit less noticeable.
Tails – I was thinking of installing this OS and using all my VPN stuff through that OS. But for reasons given above, I wonder now if that’s more likely to flag something, than just using windows or mac, with good quality VPN.
Any thoughts?
Thanks again, I will be buying through your aff links to say thanks for the useful content.
Hi Ed, thanks! I think using the Tor browser with a good VPN service is one of the best options for more privacy. You blend in with all the other people using the Tor browser, so that’s a big benefit. With Perfect Privacy, you will also blend in with all the other people using the same IP address (they only use shared IP addresses) – another benefit for privacy. The Tor browser is just a hardened version of Firefox that includes many settings/tweaks that protect you from browser fingerprinting and other vulnerabilities. Firefox is also good, but it will need some basic modifications, such as disabling WebRTC.
I strongly advice against panamenian based vpn-s. They have a strong history and relationship with the Big uncle. Arrests and detentions have been made directly ordered in oder areas outside the internet realm. Sometimes in direct violations of neutrality laws… Just my 2 cents…
Hi Sven, thank for you reviews.
I have a question for you…because I could’t find this info..
All VPN providers have their main location (USA, UK, Japan, …) so we can decide how “safe” can be each provider for our privacy…
But what about their servers located in different parts of the world? Can they be influenced by local juridsiction?
I.e, I choose a VPN provider located out of 14 eyes counties, but I connect to one server in US (or UK…).
Is this server under US juridsiction or no? What that VPN provider can be forced to do, considering that that server is in US ?
thanks
Hi Fiore, so the operating jurisdiction will determine what laws the VPN company (business) must comply with. In other words, a Romanian VPN service will not need to comply with an American DMCA (copyright infringement) request. However, a server park (datacenter) would fall under the jurisdiction where it is located. So the answer to your question is yes – servers (datacenter) fall under the jurisdiction where they are physically located. So the VPN provider can’t be forced to do anything, but the police may seize servers in their jurisdiction if they are going after someone. This was the case last year when Dutch authorities seized two Perfect Privacy servers in Rotterdam (no customers were affected due to no logs being saved and the servers being operated in RAM disk mode). Servers could also be monitored externally by authorities, which I would assume is easily within the powers of the NSA or GCHQ – but who knows exactly.
This is where advanced privacy features come into play – such as multi-hop VPN chains and also NeuroRouting.
Hello,
Be careful with swizerland and Perfect Privacy ,they cooperate with Five eyes.
“Tier B countries with which the Five Eyes have “focused cooperation” on computer network exploitation, including Austria, Belgium, Czech Republic, Denmark, Germany, Greece, Hungry, Iceland, Italy, Japan, Luxembourg, Netherland, Norway, Poland, Portugal, South Korea, Spain, Sweden, Switzerland and Turkey;”
See these articles : https://www.privacyinternational.org/node/51 and https://en.wikipedia.org/wiki/Five_Eyes
Hello. The two Switzerland-based VPNs on recommended on this site are Perfect Privacy and VyprVPN. I would just point out that the reference to “Tier B countries” does not appear to be sourced from anything on either the Wikipedia page or the Privacy International article. I can’t find the original source or any other sources for this statement.
Additionally, it is only suggesting “cooperation” with “computer network exploitation” – but not data collection and sharing. Big difference. If you find any good sources on this “focused cooperation” of “Tier B countries” feel free to drop the links in the comments. Thanks.
Hey! Japan must be added too! Because Japan is a large surveillance country. And Japan is a strong ally with the United States. Trump has held Abe’s birthday party! He also handed the gift directly to Abe.
Hello, indeed, you are correct. I have added it to the list along with some different sources documenting close cooperation between Japan and the NSA. Thanks for the feedback!
Wow! Thank you for listening and correcting me.
Hello Sven, thank you for this overview as I think ppl seem not to care so much about the 5/9/14 eyes when it comes to VPN (my experience so far). I was thinking of getting a VPN (perfect privacy seems to be good choice) and was wondering if it makes sense at all to pay for the VPN service anonymously (like, via Bitcoin etc.)? Wouldnt a good VPN NOT log or store any payment information anyway? As in, you buy an account, but the VPN only sees that it’s paid but no further details. And IF you manage to buy it anonymously somehow, you still connect to the VPN with your REAL IP address, thus the VPN provider can see where you’re located via your IP and ofc it’s linked to a certain account. So what do you think? Buy VPN anonymously or not and trust the VPN?
Hi Jaxxx, good questions – but it’s hard to give definitive answers because some people seek more anonymity than others. Ultimately it depends on your threat level. Keep in mind, a VPN does need to do basic accounting if they are accepting payment in return for subscriptions. You mentioned Perfect Privacy – with that service you can pay via Bitcoin or even send cash in the mail to their accountant in Latvia. You can also use a throwaway email when signing up to acquire your password, and then use different throwaway emails if you need to contact support. Some VPNs don’t allow anonymous payment, others do.
For more anonymity, you can also stack VPNs. In other words, use VPN #1 on your router, and then connect to your router and use VPN #2 on your computer. And for more security/privacy, you can also use VPNs through virtual machines.
Sven, then should you ever filter privatevpn and Mullvadvpn in Sweden? mullvad and privatevpn do not keep logs at all.
Hi Jack, I haven’t tested either of those providers, but things aren’t looking good for the future of online privacy in Sweden – see this article.
Regarding “no logs” – you may be interested in this article.
woooowwwwwwww!
It is too bad. I think the answer is to avoid all 14 eyes.
According to Mullvad.s FAQ:
“Do you obey the EU Data Retention Directive?”
“The directive does not apply to Mullvad because we are not considered an electronics communications service. This is also the case for Sweden’s Lagen om elektronisk kommunikation (LEK).”