• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
RestorePrivacy

RestorePrivacy

Resources to stay safe and secure online

  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • ProtonVPN vs NordVPN
      • ExpressVPN vs Surfshark
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • Best VPN for Fire TV Stick
      • Best VPN for Amazon Prime
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • VPN Black Friday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • Chrome VPN
      • No Logs VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Linux
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • LastPass Review
    • Bitwarden Review
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • News
  • Info
    • Mission
    • Press
    • Contact
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • ProtonVPN vs NordVPN
      • ExpressVPN vs Surfshark
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • Best VPN for Fire TV Stick
      • Best VPN for Amazon Prime
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • VPN Black Friday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • Chrome VPN
      • No Logs VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Linux
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • LastPass Review
    • Bitwarden Review
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • News
  • Info
    • Mission
    • Press
    • Contact

VPNs are Lying About Logs

October 8, 2017 By Sven Taylor — 4 Comments
VPN logs lies

Do you believe what your VPN says about its logging policies?

Be careful.

A recent court case in Massachusetts has once again proven that some VPN services with “zero log” policies are indeed keeping logs and handing this information over to authorities.

In this guide we’ll examine the recent case and other examples to illustrate what’s going on and how you can protect yourself.

Here’s what you need to know.

Law enforcement vs “no logs”

PureVPN was recently caught red-handed.

The Department of Justice just published a complaint involving a cyberstalking case. The case involved a US resident who was allegedly stalking and harassing people while using PureVPN.

The relevant section of the complaint appears at the bottom of page 22:

purevpn logs arrest

While it is difficult to determine exactly what details these “records” (logs) contained, it is clear that enough information was provided for law enforcement officials arrest the PureVPN user on cyberstalking charges.

The FBI complaint above clearly appears to contradict the PureVPN privacy policy – notably this section here:

purevpn policy
The PureVPN user above was clearly not “invisible”.

But this isn’t the first time law enforcement agencies have rained on the “no logs” VPN party.

According to a post on WipeYourData (site is now offline), a user of the “absolutely no logs” EarthVPN service was arrested with the help of “connection logs” obtained by police. While the post is short on details, it states Dutch police used these “connection logs” to arrest the EarthVPN user for allegedly making bomb threats.

earthvpn logs

When the story broke, EarthVPN allegedly blamed the datacenter where the server was located, but commenters suggested that the VPN may have handed over information to police. (There’s no way to know for sure and the original report is short on details.)

And finally, there’s also the case with HideMyAss.

According to Invisibler, Hide My Ass VPN, the UK-based VPN service, appears to have cooperated with US authorities in handing over logs in a hacking case. This led to the arrest of a hacker in what is known as the “LulzSec fiasco”.

There are likely more examples that we will never know about where VPNs have handed over customer data (logs) to authorities.

Contradictory “no logs” claims

Further adding to the confusion is that there is no standard definition of “logs” or “no logs” used across the VPN industry. As you will see below, many VPNs come up with their own convoluted definitions.

Here are two examples where the marketing claims seem to contradict the privacy policies.

Example 1: Betternet

betternet vpn logs

Betternet privacy policy:

Betternet may collect the connection times to our Service and the total amount of data transferred per day… Betternet uses third-parties (the “Third Party”) for advertisement. Third Party may use technologies to access some data including but not limited to cookies to estimate the effectiveness of their advertisements.

Example 2: PureVPN

zero logs purevpn
PureVPN has a “Zero Log policy”.

Now returning again to the PureVPN privacy policy, notice the first and second-to-last sentences:

purevpn logs connection data
Nothing to see here folks…

Apparently keeping “connection and bandwidth” is part of PureVPN’s “zero log policy”.

It seems many people will just look for the “no logs” claims on the homepage and never read the fine print in the privacy policy.

These contradictory claims are fairly common with VPNs.

Red flags with VPN logs

How do you know if you can trust what your VPN says about logs?

There is no concrete answer here, but you can watch out for these red flags:

  • Contradictory statements – Compare the marketing statements to the privacy policy. If they contradict each other, you may have a problem.
  • Restrictions + “no logs” – If a VPN is enforcing restrictions, this often requires some form of logging. While connection restrictions can perhaps be implemented in real time, bandwidth restrictions require logging.
  • Jurisdiction – VPNs in certain jurisdictions, such as the US and UK, may be compelled to hand over information to government authorities. VPNs in the US, for example, can be forced to monitor/log their users by government authorities while being prohibited from disclosure (gag orders).

VPN logs are generally a grey area.

Reading the fine print will help you sort through the noise.

How to protect yourself

Here are five ways to protect yourself from a VPN service or server that may be compromised:

  • Verified “no logs” claims – There have been two examples where “no logs” claims have prevailed over law enforcement. Private Internet Access had their “no logs” claims tested and verified in US court last year. In another example, Perfect Privacy had two of their servers seized in Rotterdam (also reported by TorrentFreak). According to Perfect Privacy, customer data remained safe due to the server configuration and their strict “no logs” policies.
  • Multi-hop VPN – One way to protect yourself if a VPN server is compromised is through a multi-hop VPN configuration. A multi-hop configuration will help to mask incoming and/or outgoing traffic. Bot OVPN and Perfect Privacy offer self-configurable multi-hop VPN chains with up to four servers. VPN.ac offers 18 different double-hop configurations.
  • VPN + Tor – If done correctly, using a VPN in combination with the Tor network can further protect users (but performance will drop significantly).
  • Multiple VPN services – Using more than one VPN service at the same time will also provide more anonymity. A simple way to implement this setup would be to use one VPN on a router, and then connect to that network through another VPN on your computer/device. Implementing this technique with virtual machines is another option. (The main drawback will again be performance.)
  • Privacy-friendly jurisdiction – Choosing a VPN that is outside the 5/9/14 Eyes surveillance countries may offer further protection. Nonetheless, this is no silver bullet. As we saw with PureVPN, being operated in Hong Kong does not mean they won’t cooperate with US authorities.

VPN logs are not necessarily a bad thing. It all depends on your threat model and how much privacy and online anonymity you seek to achieve.

Many VPN providers keep some logs and clearly explain this on their website. The key is to understand what’s going on with these policies, look for honest and transparent providers, and take extra precautions if you want to achieve higher levels of online anonymity.

And for more info on this topic, check out our guide on no logs VPNs that have been verified and proven true.

About Sven Taylor

Sven Taylor is a digital privacy expert who has been writing about privacy and security online since 2016. With a passion for digital privacy and online freedom, he created RestorePrivacy to provide you with honest, useful, and up-to-date information about online privacy, security, and related topics.

Reader Interactions

Comments

  1. Phantom

    August 18, 2021

    Even ProtonVPN is a cheat. By default they do not log but when demanded by any authority or some third party then ProtonVPN will start to log activity as well as login-logout time of an IP using its services. Even I was shocked when it was used against me.

    Also the ProtonMail is not at all safe, only the email contents are encrypted but the sender email and receiver email are out in open for their employees to access. So if a sender is using some third party mail then the email can be found. Lastly ProtonMail stores the private key on their server which they can use to decrypt emails when they want to.

    Read more on John McAfee’s revelations related to the privacy and VPN services. Yes! It’s shocking and true.

    Reply
    • unknownuser534

      September 17, 2021

      What are you talking about? The recent environmentalist incident was a result of a Swiss court order, making Proton start logging the user’s IP address. For one thing, Proton didn’t give them IP logs from before the court order, only after they were legally compelled to do so. Second, because the user was using ProtonMail, the Swiss authorities couldn’t actually access his emails or their contents, because they’re encrypted, and Proton would not be able to unencrypt them. The only reason the guy was even caught was because of the fact that their IP wasn’t hidden. Had he been using something like ProtonVPN or Mullvad, the Swiss government wouldn’t have been able to do anything.

      Reply
      • Phantom

        November 9, 2021

        That person was actually using both ProtonVPN and ProtonMail, not just ProtonMail.

        Reply
  2. Ringo

    July 3, 2020

    ya you use send people cease and desist letters for running a torrent, when you run a newsgroup server that carries all the alt.bin ….

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Sidebar

Digital Privacy Essentials:
Secure Browsers
Private Search Engines
Secure Email
Best Password Managers
Secure Messaging Services
Best Ad Blockers
Best VPN Services
Secure Cloud Storage

Privacy & Security Guides:
Privacy Tools
Alternatives to Google Products
Firefox Privacy Modifications
Five Eyes, 9 Eyes, 14 Eyes Spying
Browser Fingerprinting
Is Tor Safe?
Alternatives to Gmail
VPN vs Tor
Alternatives to WhatsApp
Is Your Antivirus Spying on You?
Controlling Communication Channels is Crucial for Privacy
Anonymity Networks: VPNs, Tor, and I2P
How to Really Be Anonymous Online
Private and Anonymous Payments

Secure Email Reviews:
ProtonMail Review
Tutanota Review
Mailfence Review
Mailbox.org Review
Hushmail Review
Posteo Review
Fastmail Review
Runbox Review
CTemplar Review
Temporary Email Services
Encrypted Email

Password Manager Reviews:
Bitwarden Review
LastPass Review
KeePass Review
NordPass Review
Dashlane Review
1Password Review
Best Password Managers

Secure Messaging App Reviews:
Wire Review
Signal Review
Threema Review
Telegram Review
Session Review
Wickr Review

Secure Cloud Storage Reviews
Tresorit Review
MEGA Cloud Review
Sync.com Review
Nextcloud Review
IDrive Review
pCloud Review
SpiderOak Review
NordLocker Review

How To Guides
How to Encrypt Files on Windows
How to Encrypt Email
How to Configure Windows 10 for Privacy
How to use Two-Factor Authentication (2FA)
How to Secure Your Android Device for Privacy
How to Secure Your Home Network
How to Protect Yourself Against Identity Theft
How to Unblock Websites
How to Fix WebRTC Leaks
How to Test Your VPN
How to Hide Your IP Address
How to Create Strong Passwords
How to Really Be Anonymous Online

About RestorePrivacy

Contact

Archives

  • June 2022
  • May 2022
  • March 2022
  • February 2022
  • January 2022
  • November 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • December 2020
  • June 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • July 2019
  • March 2019
  • August 2018
  • July 2018
  • June 2018
  • April 2018
  • March 2018
  • October 2017
  • January 2017

Categories

  • Advanced Privacy Guides
  • Featured
  • News and Reports

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

RestorePrivacy Checklist

  1. Secure browser: Modified Firefox or Brave
  2. VPN: NordVPN (68% Off Coupon) or Surfshark
  3. Ad blocker: uBlock Origin or AdGuard
  4. Secure email: Mailfence or Tutanota
  5. Secure Messenger: Signal or Threema
  6. Private search engine: MetaGer or Swisscows
  7. Password manager: NordPass or Bitwarden

Support this Project

RestorePrivacy was created to provide you with honest, useful, and up-to-date information about online privacy and security topics. You can support this project through donations, purchasing items through our links (we may earn a commission at no extra cost to you), and sharing this information with others. See our mission here.

RestorePrivacy is also on Twitter

We’re available for Press and media inquiries here.

COPYRIGHT © 2022 RESTORE PRIVACY, LLC · PRIVACY POLICY · TERMS OF USE · CONTACT · SITEMAP