When you visit a VPN website, it will most probably say something on the lines of “zero logs” or “total anonymity” or maybe “we don’t monitor your data.”
All VPN companies make bold claims on their home pages. But if you look deeper and go through their privacy policies, you might find something different.
But wait, who actually goes through privacy policies and terms and conditions? I agree that it’s not possible to read through the privacy policies of all services but when it comes to services that secure our privacy, it’s important to see how they perform.
If they engage in data mining, targeted advertising, or any invasive practices, make sure you stay away from them.
Setting up a VPN company takes money and resources. You need to have servers in multiple countries.
There are only two ways you can get free VPN services. Maybe a company wants you to try their services so they provide limited data each month so you can move to a paid plan. Or maybe they monitor your activities and store your data to be sold to a third party.
How much do they store and for how long?
It’s important to see what data they store. If a VPN stores only session durations and timestamps, you might think this partial logging won’t harm you. But the truth is that partial logging can reveal your true identity to the authorities.
Also, try to find out how long they store your data. If the data is wiped out as soon as the session ends, it’s safer than a permanent log. If they store your data for months, it means they can use it for targeted advertising or just handing it over to the government when they get a warrant.
Already using a VPN?
There are several VPNs that offer money-back guarantees. Most of these guarantees are limited to 30 days. So if it has been only a few days since you bought their services and you found out that that keep usage logs, you can opt-out and get your money back.
What exactly are VPN logs?
When you use a VPN, the provider can see everything you do – your real IP, the websites you open, how long you’ve been on a page, what data you sent, and every other thing you did online.
However, a good VPN provider will not keep a log of these details. If a company logs all these details, it might sell them to make profits.
As discussed earlier, there are some companies that store small details such as timestamps (when you used the VPN and when you stopped using it), and other small details. These details can be helpful if they are investigating a case.
So what you should be looking for, is an absolute logless VPN. Keep in mind that some data is used for improvement purposes. For example, the app crash log is kept by several companies to see if their app crashes too often and under what circumstances.
This is different than IP logs where the real IP address of the user is stored. If a VPN stores your IP address, it’s a big red flag.
Look for warrant canaries
When a company receives a gag order, it cannot inform its users that it has helped the government. So to let their customers know, some companies maintain warrant canaries.
Warrant canaries are web pages present on VPN companies that signify that they have not received any subpoenas from the government. If a VPN company removes their warrant canary page, it means that they have received a subpoena.
They cannot inform users that they received a gag order. Instead, they put a warrant canary that serves this purpose.
And of course, if a company doesn’t keep any logs, receiving a warrant won’t mean anything because they won’t have anything to share with the government anyway.
However, several VPN users consider warrant canaries as useful as it tells them when a company has received a gag order.
Learning the lesson
The good thing is that many VPN companies understand that users like to read their privacy policies and hence they keep them short and simple.