4 Best No-Log VPNs – AUDITED, Zero logs, No Bullshit

Share or tell us what you think in the comments!

A strict no-log VPN policy is essential to ensure anonymity and privacy when using a VPN. The best zero log providers even went to the extent of doing an independent audit to prove they truly do not keep any personally identifiable information and comply with their privacy statement. But why No-Log policy is so important? Which VPN actually does not keep any logs?

A strict no-log policy is a way to tell a VPN provider is trustworthy and values your privacy. The information that is kept on the server can tell a lot about your browsing habits, reveal your identity, and which websites at what time were visited.  That’s why getting rid of them to protect your privacy is a must.

A VPN provider that keeps your browsing activity logs could be treated just like another ISP. It would not provide you any privacy or security online and your real IP address, websites you visit including files you download can still be known.

A VPN providers’ job is to ensure your privacy and anonymity and prevent authorities, surveillance agencies, and advertisers snooping on you. Keeping logs on the servers would defeat the whole purpose of why VPNs were created for in the first place.

Let’s be real – running a VPN service with a huge amount of servers without any logging is not feasible. It’s almost impossible to do so. Having said that, VPN providers probably still have a time frame where they actually log what’s really happening on their network when debugging or implementing new features.

Even if it does not sound good, but there’s nothing to worry about. Usually, these logging activities are very temporary, and trustworthy VPN providers delete everything after finished their technical work.

Another important point to make is that a country’s law where the VPN provider’s company is registered really matters.

Some countries require IT companies to keep specific logs for a specified duration and comply with the data retention laws. Even though almost every VPN says they do not keep any logs, it is important to take an extra step to investigate where are they based and read their Privacy Policy page. Additional research will make it more clear and help understand the risks of what could possibly be logged.

It is not a deal-breaker to pick a VPN that is based in a country that belongs to data-sharing alliances such as 5/9/14 Eyes. This, of course, could introduce some additional risk to your privacy, but generally respectful companies find their way to comply with their zero-log policies.

Even though almost all VPN providers state that they have a no-log policy, however, some of them just play with words. There are still certain types of logs that could be kept on their side. Here’s what types of logs a VPN might keep:

  1. Connection
  2. Usage and traffic
  3. Real-time
  4. General information about the customers
  5. Client-side

Connection logs are the basic and most obvious information that could be logged. This includes:

  • Your IP address
  • The websites you’re trying to reach domain name
  • The website’s IP address
  • The connection timestamp
  • The amount of data transferred

These types of logs are pretty shallow and do not tell much about what exactly you did online. Connection logs are mainly used for optimizing the server’s work by load balancing the users that are connecting to the VPN service. Most of such information is aggregated and is not personally identifiable.

These logs are the ones that tell most about your online activities and are always asked by authorities as evidence in case of criminal activity. Usage logs can tell what files you downloaded or what time and where did you visit. They can tell if you used torrenting or even tried accessing the Tor network.

The whole browsing history is logged and could be seen in a timeline. All this data is stored on the VPN providers database and usually sold to advertisers or handed over to authorities for further processing. All these logs can be personally identifiable and can be related to the certain VPN user.

Every process that takes place on a VPN server has some type of output that could be monitored in real-time. These-real time logs are either stored in a database or discarded (in Linux OS pointing logs to /dev/null discards them permanently).

Even if logs are discarded, the real-time monitoring is still possible and every VPN provider has the power to do so. In most cases, the real-time logs are aggregated and can show the technical parameters such as the amount of data that travels via the VPN network.

Your VPN provider definitely keeps general information about the user, especially related to payments (otherwise they won’t be able to charge for a subscription). This information might include:

  • Your account username (email)
  • Password (encrypted and secured, hopefully)
  • Payment history
  • Payment details (Credit Card details, PayPal)

If you are worried about privacy, some VPNs offer to pay with cryptocurrencies. Paying with Bitcoin you gain more anonymity since it’s harder to link your VPN user account to a real person.

Mostly all VPN apps generate logs on the client-side. This means that the information is stored on your device. Client-side logs are used for debugging purposes and usually are asked by customer support if you encounter any technical issues.

A VPN strict no-log policy does not include these logs since they are out of the VPN provider’s control. Only you can edit or delete those files from your device. Client-side logs mostly contain technical information on what’s happening under the hood of the application – they report authentication problems, crashes, and so on.

A Warrant Canary is usually a single page a VPN provider can have to warn its users that some sort of legal action was taken against the service. If everything runs smoothly, this page clearly states that neither surveillance agencies nor other authorities have contacted them or issued a secret subpoena.

In the case a secret warrant served to a VPN provider, it is forbidden by law to openly communicate about it, therefore, a Warrant Canary method is used. A transparent VPN provider tries to inform its users that they might be monitored by removing the clear statement from their Warrant Canary page leading to assumptions that a warrant has been issued and service might be watched.

Nowadays almost every VPN provider advertises the “No-logs” policy, but the reality is different. It became such a manipulative term in the industry and lost its initial true meaning that zero logs are kept as you would assume.

Now, this term is so tricky and requires an in-depth look at each privacy policy to determine if any kind of logs are collected.

Zero Logging advertised as a feature

Let’s take as an example a VPN that advertises zero-log as its feature:

However, after some search, we can find their actual log keeping policy and it states as follows:

As we can see that a VPN advertises Zero-logs, but the truth is not really as it seems. Some VPNs actually keep connection and usage logs (including the websites you visit) and monitoring their user’s activity which is not what you want if you care about your privacy.

Due to common false claims about no-log policy, some top-notch VPNs did an independent third-party audit to prove their claims that they do not keep any personally identifiable information.

ExpressVPN has proven again that it’s one of the best VPNs in the industry that keeps zero logs. The independent privacy audit was done by the experts of one of the Big 4 auditing firms – PricewaterhouseCoopers.

The results of the audit proved that all VPN servers were in compliance with ExpressVPN’s privacy policy. There were no activity logs or connection logs collected.

The auditors tested the TrustedServer technology too. This is an extremely privacy-focused feature. It means that the servers run without a hard-drive only on a RAM-disk. This means that logs can not be stored anywhere on the server and all data is wiped completely every time a server is rebooted.

Another ExpressVPN’s app security audit was done by another cybersecurity firm Cure53. No high or critical security issues were found and by quoting ExpressVPN themselves: “nothing was found to fundamentally impact the core security and privacy”.

ExpressVPN stays on the top of the industry as the most privacy-focused and secure VPN provider that does not keep any logs.

ExpressVPN Logo Horizontal
  • 160+ locations and 3000+ servers
  • Strict No-Log policy
  • Unlimited streaming (Netflix, Hulu, BBC iPlayer)
  • Strong military-grade AES 256-bit key encryption
  • Kill Switch, Split tunneling and RAM-disk servers
  • 30-day money-back guarantee
  • Windows, MacOS, iOS, Android and Linux support
  • Fast speeds and reliable connections
  • NordVPN has done an independent audit by PricewaterhouseCoopers AG which is one of “the BIG 4” auditing firms. With the results, the service could back up the claims about no-logging on their servers. There is absolutely no information collected that could identify the users.

    This move without any precedence by NordVPN raised transparency of their product with the hope that other VPNs would also follow the practice in the future.

    Another audit of the NordVPN’s app security was also done by the security research group VerSprite which specializes in software vulnerabilities.

    Android, iOS, Windows, and Mac applications were tested in which no critical vulnerabilities were found. Results were 7 high-level, 6 medium-level, and 7 low-level issues that were fixed immediately after the audit was done.

    Besides the public audit, NordVPN is based in Panama, which as a good jurisdiction in regards to privacy laws and no-log policy compliance. It is one of the best all-rounded services for privacy in the industry.

    NordVPN logo
  • 5200+ global servers in 59+ countries
  • CyberSec malware and ad-blocking protection
  • Next-generation encryption with double VPN servers
  • Obfuscation technology that masks VPN traffic
  • Strict no-logs policy
  • Works with Netflix and good for streaming
  • Lightning fast with P2P support
  • 30-day money-back guarantee
  • VyprVPN was actually the first VPN provider that released the independent audit reports on their no-logging policy of this magnitude. Advised by the Levathian security group they switched from barely collecting a few logs to a completely zero-log VPN service.

    This Switzerland based service proved that no data is collected by this independent third party audit. The extensive publicly posted research by Levathian group indicated the areas where VyprVPN had to fix to fully transition to a no-log service and fixed the issues immediately.

    Currently, the service stays compliant with its zero-log claims and does not collect any personally identifiable information.

    Also, it’s quite a good service in general as it works great with streaming and unblocking access to websites from countries like China or the UAE.

    VyprVPN Logo Horizontal
  • Audited No-Log VPN
  • High-Speed Streaming
  • Chameleon technology hides VPN traffic and protects from DPI
  • High-End Encryption/ NAT Firewall
  • OpenVPN, IKEv2, L2TP/IPsec, PPTP protocol support
  • Available on all platforms Win, Mac, iOS, Android
  • 24/7 customer support
  • 30-day money-back guarantee

  • Surfshark comes as an honorable mention as it did the independent audit for its Browser extensions. The audit was done by well-known auditors at Cure53. Just like ExpressVPN, this provider is based in The British Virgin Islands which is great for the no-log claims.

    However, as the scope of the audit was not very extensive, it can not be stated or proved by the results that they truly do not collect any personal information.

    This provider clearly states in their privacy that it does not keep any data that could identify users or their online activities though.

    Surfshark No Log policy

    Surfshark is a new-ish and rising VPN service, that already proved itself by the privacy-focused features and is much better than some of the older players in the market.

    Surfshark VPN logo horizontal
  • 1700+ global servers in 61+ countries
  • CleanWeb ad-blocking feature
  • Secure and strong encryption with OpenVPN
  • Whitelister, Multi-hop VPN and kill switch
  • No-logs policy
  • Works with Netflix and good for streaming
  • Great speeds
  • 30-day money-back guarantee
  • A strict no-log VPN policy is important to ensure your ultimate privacy and anonymity when using a VPN. Any data collected could identify who you are, what websites you visit, or what files you download.

    Unfortunately, a tendency in the VPN industry is that everyone says they keep no logs, when in fact, they do. Some more transparent VPN providers such as ExpressVPN went to the extent of doing a third party independent audit to prove their claims. While there are more VPNs that truly do not keep logs, but the ones mentioned did the audit and can be trusted the most.

    Share or tell us what you think in the comments!

    Add a Comment

    Your email address will not be published. Required fields are marked *