VPNs, when managed properly, are a great way to protect your privacy and keep your online activities hidden from prying eyes. But not all VPN services maintain the same security standards or take the exact same approach to user privacy.
How does your VPN handle your data? When the police or governments come knocking, what does your VPN do? The history of law enforcement subpoenas of VPN logs is murky to say the least. Major VPNs can get hundreds of data requests per year, but what they turn over is not so straightforward. I’ll try to clear the water and help you understand how your data is being handled and how safe it truly is.
VPN warrants and data request handling
VPN providers typically receive two different kinds of data requests, those regarding copyright violations through a DMCA (Digital Millennium Copyright Act) request or requests from law enforcement or government authorities following up on other possible illegal activity.
By far the most common are DMCA requests, which can oftentimes range in the tens of thousands per month. Law enforcement requests are much less common and may range on average from a few per week to one per day for the largest VPN companies.
Our best overall Pick for VPNs
We can get a more accurate glimpse of these numbers by looking at each VPN provider’s transparency report (more on those later) posted on their website. Our top pick, ExpressVPN, states that in the period from July to December 2023, they received 194 total “Government and/or police requests” and 152,653 DMCA requests. Another extremely popular service, NordVPN, reports 81 total “inquiries from government institutions” from January to April 2024 and an astounding 2,421,053 DMCA requests — clearly NordVPN is the people’s choice for illegally pirating material. For what it’s worth, both companies state that none of these requests resulted in the disclosure of user information.
Other popular services such as Private Internet Access (PIA), CyberGhost, ProtonVPN, and Surfshark also post this data on their websites. PIA received 161 total “government demands for user data ” in the first four months of 2024, while Cyberghost and ProtonVPN received a fraction of these across all of 2023, a total of three and 60 respectively. Surfshark has unfortunately not updated their transparency report since 2021, but as an interesting aside, they used to break down which specific companies and countries had submitted data requests — a third of which came solely from the U.S.
Surfshark’s 2021 annual report shows a heat map of data requests from each country’s government.
Surfshark’s 2021 annual report shows a heat map of data requests from each country’s government.
Surfshark
Surfshark’s 2021 annual report shows a heat map of data requests from each country’s government.
Surfshark
<div class="scrim" style="background-color: #fff" aria-hidden="true"></div>
</div></figure><p class="imageCredit">Surfshark</p></div>Most VPN providers claim to have a no-logs policy. What this means is that they do not collect and store user data transmitted through their network. In a perfect world, no data about where you go online, what you download, or what your search for is recorded. Whether or not a VPN lives up to these standards is an issue that warrants its own separate discussion.
Even with these no-log promises, it doesn’t stop law enforcement or other authorities from attempting to subpoena that data when it thinks an illegal activity has been committed over a VPN’s servers. And when they come calling, there isn’t much a VPN can do to stop them.
In 2016, U.S.-based IPVanish was served with a Department of Homeland Security “summons for records” requesting user data about a suspected felony. After initially claiming they had no information to give, the company subsequently turned over some data on that user to the government.
<div class="wp-block-product-widget-block product-widget is-half-width is-float-right">
<div class="product-widget__block-title-wrapper">
<h4 class="product-widget__block-title" id="a-top-vpn-with-great-features">
A Top vpn with great features </h4>
</div>
<div class="product-widget__content-wrapper">
<div class="product-widget__title-wrapper">
<h3 class="product-widget__title" id="private-internet-access">Private Internet Access</h3>
</div>
<div class="product-widget__image-outer-wrapper">
<div class="product-widget__image-wrapper">
<img decoding="async" width="300" height="300" class="product-widget__image" src="https://images.idgesg.net/images/article/2018/02/pia-vpn-100748660-orig.jpg?quality=50&strip=all" loading="lazy" alt="Private Internet Access" sizes="(max-width: 300px) 100vw, 300px" />
</div>
</div>
<div class="review product-widget__review-details">
<img decoding="async" class="product-widget__review-details--editors-choice-logo" src="https://www.pcworld.com/wp-content/uploads/2021/09/PC-ED-CHOICE.png" alt="Editors' Choice" loading="lazy" /> <div class="product-widget__rating-and-review-link">
<div class="product-widget__review-details--rating">
<div class="starRating" style="--rating: 4.5;" aria-label="Rating of this product is 4.5 out of 5"></div>
</div> <a class="product-widget__review-link" href="https://www.pcworld.com/article/403379/private-internet-access-vpn-review-4.html" target="_blank">Read our review</a>
</div>
</div>
<div class="product-widget__information">
<div class="product-widget__information--rrp-wrapper">
<span class="product-widget__information--rrp-label">
</span>
<span class="product-widget__information--rrp-value">
</span>
</div>
<div class="product-widget__pricing-details ">
<span class="product-widget__pricing-details--label">
Best Prices Today:
</span>
<span class="product-widget__pricing-details--links-wrapper">
<a class="product-widget__pricing-details--link" href="https://www.tkqlhce.com/click-100470607-14087873?sid=2-1-2367508-5-245796-16451&url=https://www.privateinternetaccess.com/buy-vpn-online" target="_blank" data-vars-product-name="Private Internet Access" data-vars-product-id="245796" data-vars-category="Security Software and Services" data-vars-manufacturer-id="16451" data-vars-manufacturer="London Trust Media" data-vars-vendor="Private Internet Access" data-vars-po="" data-product="245796" data-vars-link-position-id="005" data-vars-link-position="Product Sidebar" data-vars-outbound-link="https://www.privateinternetaccess.com/buy-vpn-online" rel="nofollow">$11.95 at Private Internet Access</a> </span>
</div>
</div>
</div>
</div>Other documented instances include a data request in 2016 to PIA and a 2017 request for logs from PureVPN, both by the FBI. PIA remained true to their no-logs word by proving they had nothing to give the authorities, while PureVPN went on to secretly work with the FBI to provide an IP address of a user leading to an arrest.
There are also instances where more extreme measures were taken against VPNs. In 2017, ExpressVPN famously had its servers seized by the Turkish authorities. No data was obtained as a result, further bolstering ExpressVPN’s no-logs claims.
While it’s undoubtedly crucial that authorities receive the help they need
Autentifică-te pentru a adăuga comentarii
Alte posturi din acest grup
I find that writing up a to-do list takes a lot of the guess work out
What if your laptop always had a 5G internet connection wherever you
Interest in Sonos’s smallest portable speaker is heating up—literally
Free alternatives may exist for Microsoft Office components, but some
E-commerce giant Amazon is now expanding its automotive business to i
