VPN logging policies

By Jayden Andrews. October 16, 2019

Owing to increase surveillance and cybercrimes, one of the top concerns that consumers have is the need for increased anonymity. Many of these users look to VPNs as their solution to privacy concerns. So, it makes sense that they don’t want to move from ISP tracking to another company doing the same. These subscribers want to know whether their VPN service is tracking and monitoring their information and usage. And if so, to what extent? Perhaps what they need to know most is what is done with the information.

So, before settling on a particular VPN, there is a lot of work to be done. Luckily, this guide will make that work more straightforward. In this article, we will look at VPN logging policies to help you choose the best VPN service. Specifically, we will explain the different records, what makes up acceptable logging, when VPN logging becomes an issue, and how long your provider should keep logs. We will also explain the definite link between jurisdiction and logging policies, especially in terms of the Fourteen Eyes and Five Eyes countries.

Top VPNs
1NordVPN
Rating:
9.8
Price from:
$3.49/mo
2Surfshark
Rating:
9.6
Price from:
$1.99/mo
3CyberGhost
Rating:
9.4
Price from:
$2.75/mo

Introduction

Let’s clear the confusion in the air. Most providers use the term zero-logging or no-logging policy very liberally, mainly to attract potential buyers. In reality, though, this is rarely the case. While it would be ideal if all VPNs services keep no logs at all, sometimes, tracking is inevitable. VPN providers may set their logging levels for several reasons. They could only be interested in controlling their broadband traffic to ensure better performance for all their users. For this reason, they might keep usage logs, such as the amount of bandwidth used and the time connected to the VPN. As you can see, logging isn’t necessarily bad, and it might even benefit you. As long as your logs aren’t revealing your personal information and the actual address, you shouldn’t worry much about it. What is scary, though, is that some VPNs log beyond what is necessary.

Just imagine all the times you have been checking your bank accounts, reading emails, or even shopping online while in a line at the coffee shop or the doctor`s office. Have you ever thought that someone might be keeping tabs on the network traffic? If you haven`t, here is the real danger. Unless you are using a VPN, any personal data transmitted through such networks could be vulnerable to eavesdropping by strangers.

The encryption and anonymity that a VPN service offers help to secure your online activities. Virtual Private Networks are usually used by corporations to protect their sensitive data. But now that privacy has become such an important subject, the use of personal VPNs is gaining popularity. In fact, there are several good reasons to use a VPN. Here are just a few of them:

What kind of data does your VPN provider logs about you, and your usage?
How long does your VPN keep those logs?
Where is your VPN provider situated?
Best VPN offers

Surfshark$1.99 / moSave 83%NordVPN$3.49 / moSave 70%Outbyte VPN$5.00 / moSave 38%

What Are VPN Logs?

VPN logs comprise data that providers keep regarding your usage of their service. Since your provider can access all your internet activity, anything that your ISP would ordinarily see is now accessible to your VPN service. So, if a provider logs and store all that data, it would make no sense to use it, and would no doubt result in losing many customers. That is why most of the best VPN services are shifting their focus and strategies to meet the needs of privacy-conscious individuals. Ideally, the fewer the logs, the more appealing the service is. And this brings us to the commonly used terms, including ‘no logging’, logless, or zero logging. Most providers assert that they don’t retain logs, when in reality some keep a minimum number of records. In most cases, the ambiguity arises when there is no clear classification of the different logs that they might preserve.

Types of VPN Logs

Connection logs usually include the amount of bandwidth consumed and timestamps that a VPN server used. Sometimes, this information is collected on an aggregate basis, while at other times, the VPN provider attaches it to a user account. When it comes to privacy, information collected aggregately is relatively harmless, but logs tied to a user account can be a bit trickier. It all boils down to the nature of records and whether the data is linked to any sensitive information.

01

Connection Logs

By connecting through a VPN, you can hide your real location. Outbyte VPN enables you to choose from 80 VPN server locations in any of the 48 countries, spreading across Europe, the Asia Pacific, the Americas, and the Middle East & Africa. Subscribers can obtain an IP address from any gateway location the VPN service provides. For example, you may live in London, but with a VPN, you can appear to be from Berlin.

02

Usage Logs

As the name suggests, these logs basically store your online browsing data, including your browsing history, connection times, and IP address. Usage logs are usually associated with free VPNs and are generally more invasive than connection logs. These providers track your online activity and use it for commercial purposes.

03

Error Logs

Error logs constitute data that providers capture about an issue or a problem with your VPN service. While these logs may include personal information like your IP address or username, they are used exclusively for troubleshooting flaws and improving the performance of the VPN service.

Are Logging Policies That Important?

Safe And Dangerous Logs

When you reroute your traffic through a VPN, your ISP can no longer monitor what you do on the internet. While that might be good news, your VPN provider has that power. How they decide to use it entirely rest with them. That is why it is necessary to understand the kind of logs VPN providers keep. They usually cover it in their logging policy. Within this document, VPN providers must explicitly explain the information they will track about their subscribers and how long they will keep such data. VPN logs can be potentially dangerous to users. Governments or law enforcement agencies of the nation where the VPN provider is based have the legal right to force the company to surrender its logs. These enforcers might only go after VPN records in extreme cases like acts of violence or terrorism. But who knows, they may use the same law to compel VPN providers to hand over their user data. If privacy and security are vital to you, then it is a smart option to choose a non-logging VPN provider. And if the VPN collects a few logs, make sure it is not keeping data that can be linked to your user account. Such a VPN offers more anonymity and protection.

  • Server Load: Tracking server load times helps a provider know which locations are more popular. With this information, the provider can allocate extra servers to where they are needed to prevent congestion at peak times.
  • Bandwidth Usage: If not linked to your real address, there is nothing to worry about bandwidth usage data. This information can help the provider to identify users who misuse the service. It can also come in handy when troubleshooting errors.
  • PN Server Location: Tracking VPN server location shouldn’t be a concern. This information is mainly used to provide a more customized technical support and advice.Now, let’s look at the type of logging that you don’t want your VPN provider to do. It should be a concern if your provider tracks anything connected to your personally identifiable information (PII), including:
  • Internet traffic or online activity, such as your browsing history, downloaded files, software used, the content of your communication, and even your purchase history.
  • Your real IP address and physical location: An IP address could be easily linked to an individual and should, therefore, be treated as PII.

Elements of a Good Logging Policy

01

Logging Policy Should Exist

The majority of reliable VPN providers will provide a clear link to logging policy on their website. They may label it as a privacy policy or use a similar name. So, if a potential provider hasn’t provided a logging policy, that should be a sign that it is hiding something.

02

Easy to Understand

Ideally, logging systems should be explained in plain English. Unfortunately, some of them are tricky to decipher. You should stay away from any policy that uses technical jargon.

03

Not Too Short

A logging policy should be long enough to cover all the crucial details. It is pretty hard to judge VPNs that only state that they don’t log data. You want to be sure they are not collecting your personal information in some other ways. It is even better to call them to clarify what’s not clear on their logging policies.

04

Stores Logs for a Short Time

While long is a relative term, you should not engage with any provider that keeps your data forever. The shorter the time, the better. Of course, you also have to consider the logs they are collecting.

05

When Should a Provider Get Rid of Logs?

By now, you know that VPNs collect some data about their users. But what may not be clear is how long they maintain these logs. Typically, the duration varies from one VPN to another. Some may keep records for a couple of hours, while others may keep them for six months or even more. As a safety measure, choose a VPN that stores connection logs for 30 days or less. Keeping logs for about 30 days is long enough to help with recent troubleshooting issues, but not long to be a concern.

Jurisdictions and Logging Policies

Another factor worth mentioning within the context of VPN logging policies is the location of a VPN provider. Specifically, it is essential to understand the surveillance laws of the country where your provider is based. So, if your VPN tracks some data, its jurisdictions matters. Countries that are part of the Five Eyes (FVEY) and Fourteen Eyes impose laws that force VPN companies to hand over logs to the government when requested. For example, the Investigatory Powers Bill in the UK allows the storing of logs and keeping them for 12 months. The Five Eyes is an alliance or an intelligent pact between the countries that took part in the UKUSA agreement. The FVEY include:

  • The United Kingdom
  • USA
  • New Zealand
  • Australia
  • Canada

You might have also heard of the Fourteen Eyes, which basically refers to an extended group of surveillance nations that include an additional nine countries:

  • France
  • Norway
  • Denmark
  • Netherlands
  • Germany
  • Italy
  • Spain
  • Belgium
  • Sweden

All these countries tend to have intrusive laws and may also share signal intelligence with each other. That said, choosing a provider in any of the above countries might not necessarily mean you are at risk. As long as your provider collects nothing personally identifiable, there is nothing to worry about.

Do you like this post? 1 Star2 Stars3 Stars4 Stars5 Stars