Surfing the web can be risky, especially if you are connected to a public Wi-Fi network. Anyone with a little know-how can see your personal information and web browsing history.
A Virtual Private Network (VPN) is convenient because it hides your real IP address and creates a private web browsing session. While VPNs promise to keep prying eyes at bay, there are questions about the logging practices of VPNs themselves.
So what are these concerns and should you be worried about VPN logs?
The problem with VPN logs
The most popular VPNs on the market claim to be “no logs” service providers, but the reality is that almost all VPNs keep logs of your activity to make sure service is maintained. Despite security audits and transparency gestures, there is no way to verify if a VPN is really providing service without logs.
VPN logs may not be a problem if you are only using the VPN to watch streaming services or access geo-restricted websites. But for journalists, lawyers, and political dissidents, distinguishing between the different types of logs kept by VPN services is key to personal safety.
Types of VPN logs
Most of the data that a VPN records falls into three categories. Some of these logs do not pose a major risk to your privacy, but there are sensitive logs that may expose you to government surveillance and cybercriminals.
1. Connection logs
The first type of logs a VPN can keep are connection logs. They are collected at the user or server level and are primarily used to improve or maintain VPN operations. Connection logs can include:
The original IP address.
IP address of the server.
Connection logs help service providers manage server traffic, prevent abuse, and keep the service running. Any VPN that limits simultaneous device connections per user primarily uses connection logs to enforce the limit. The data can also be used to optimize VPN performance and resolve user queries.
However, some connection logs can also allow a VPN service and law enforcement to identify you and your physical location.
If you are a privacy-conscious user, it is worth considering what type of data is saved and how long is it retained by the VPN provider. Some service providers automatically delete connection logs after a day or a week, but if your connection logs are kept for an extended period of time, it’s best to look elsewhere.
2. Traffic logs
Traffic logs are probably the worst type of VPN logs because they defeat the purpose of using a VPN. Traffic logs can include data such as:
Applications and software used.
We strongly recommend that you avoid a service that keeps any type of traffic logs.
VPN providers keep traffic logs to build a profile around a user and sell it to third party services and advertisers. These logs are mostly kept by free VPNs because they need to make money to keep their business afloat. Traffic logs expose you to cybercriminals and can easily lead to identity theft.
3. Usage logs
Usage logs, also known as activity logs, include data directly related to your online activity. They can include content such as:
Usage logs are usually deleted as soon as the VPN session is terminated. Because usage logs are kept for a short time, this type of logging might not be a major problem. But from a privacy standpoint, it’s best to avoid them.
What is a VPN without logs?
A VPN service without logs does not store any connection or activity data that can be used to identify you or trace your physical location. It will also not collect data transmitted through the VPN tunnel. A truly log-free service makes all user activity anonymous to ensure that no user is tied to a specific connection or activity on the VPN network.
VPNs without logs will only contain information such as your email address for registration and billing purposes. Some VPNs like ExpressVPN even allow you to pay with Bitcoin to keep the billing process private.
It is important to understand that a VPN with no logs does not have to be a VPN service with no logs. It’s virtually impossible for a VPN to not keep any logs and enforce restrictions like bandwidth and device limits. However, VPNs that do not collect any identifiable information are still classified as VPN without logs.
Popular VPNs without logs
While most VPNs claim no logs, only a handful of services keep this promise. Here are some log-free VPN services that you can use without worrying about your privacy.
ExpressVPN is one of the few VPN services with a proven no-logging policy.
He is based in the British Virgin Islands and enjoys privacy-friendly jurisdiction. The service has been independently audited and its privacy verified more than once.
ExpressVPN’s non-registration statement was verified in 2017 when Turkish authorities seized one of its servers to investigate the assassination of Andrei Karlov. The authorities could not find any identifiable information because no data was available.
2. Private Internet access
Private Internet Access (PIA) offers excellent security features with a strict no-logging policy.
It uses military-grade encryption, a kill switch, and DNS leak protection. Although its headquarters are in the United States, which is a member of the Five-Eyes Intelligence sharing alliance, its no-log claims have been proven, as has ExpressVPN.
NordVPN is one of the largest VPN service providers with over 12 million customers.
It is based in Panama, which does not fall under the jurisdiction of the Five-, Nine- or 14-Eyes alliance. This means that NordVPN can deny data access requests from third parties, so that your internet activity cannot be traced back to you.
Much like ExpressVPN and PIA, NordVPN has performed an independent audit to verify its non-logging statement. The audit confirmed that the company does not log IP addresses, traffic data or browsing activity.
Choosing the right VPN service
There are many variations when it comes to VPN logging policies. But as you can see, not all newspapers are bad. Certain types of data can help providers improve their services and resolve user queries.
However, it is nonetheless important to know what is logged, the purpose of the logging and how long they are kept before choosing a VPN. Go deeper into the VPN’s privacy policies to make sure they don’t collect personally identifiable information that may be linked to you.
VPNs have become indispensable online tools, but VPN scams can make them counterproductive.
About the Author