Users’ local IP addresses IP addresses assigned to users Connection and disconnection times Traffic data Personal communications while using the VPN DNS queries
Besides that, threats are rampant. If you jump onto a coffee shop’s public Wi-Fi hotspot, a savvy hacker could be watching your every move to steal your data and use it for identity fraud before you’ve even finished your latte. This is why so many users flock to VPNs. It’s a solution for those concerned with their online privacy. VPNs provide a secure, encrypted tunnel for you to browse in. But not all VPNs are created equal when it comes to your privacy. A lot of VPN providers proudly declare they have “no log” or “zero log” policies. But do they really? Is it possible to have no records of anything?
What is a No Log VPN?
Most companies keep a record or log of your activities to better serve you as a customer. An online shoe store might keep tabs on your purchases or search history on their site to give you better recommendations and promotions for when you return. But a good VPN guards your privacy. It’s not anyone’s business whether you’re checking out red high heels or running sneakers. Since a VPN sells anonymity online, there should be no trace that you even used it. A no log VPN is exactly what it sounds like. It means the VPN provider keeps no record or log of your browsing history or activity while you’re using their services. Even if law enforcement comes knocking on your VPN provider’s door demanding your history, there’s nothing there to show them. This means a true “no logs” provider keeps no records of:
Users’ real (local) IP addresses IP addresses assigned to users Connection and disconnection times Traffic data Users’ online communications DNS requests
While there are many great “no logs” VPN providers, there are at least as many that don’t have this kind of policy. VPN Unlimited, for example, claims to adhere to “no logs,” but actually does collect information about you, your device, and your location. It gets worse: some VPN companies haven’t adhered to their own policies:
Rather than sticking by its brand name, HideMyAss.com handed a hacker’s information over to the FBI. PureVPN and WANSecurity also provided details to law enforcement regarding a cyberstalker. In 2016, IPVanish, a provider with a “no logs” policy, handed over information about a user to the Department of Homeland Security, according to a court affidavit.
This isn’t to say that we condone using VPNs for this kind of illegal behavior. These cases just let us reach the conclusion that some VPNs do actually keep logs, and are willing to turn them over at their discretion.
Top 5 Best No Log VPNs
There are some top VPN providers that have proven themselves in regards to their “no logs” policies. We at VPNOverview feel it’s possible to be verified in several ways. It could be through court documentation and real-world activity, independent audits, or providing users exceptional transparency. We’ve taken a hard look at a lot of VPNs. While there are plenty of VPNs that claim a “no logs” policy, we wondered how many have actually proven themselves. Which VPNs can show you proof that they’ve stuck by their mission statement to provide users with total anonymity and privacy? The VPN services on this list are compatible with most devices and operating systems: Windows, Mac, iOS, Android and sometimes Linux. This allows you to rest easy knowing that no logs are being kept across any of your devices. Here’s our top 5 best VPNs that won’t log any of your online activity or data — with the proof to back it up.
1. NordVPN: Independently audited twice
NordVPN is already renowned for its security, but we’ve given the provider our top spot for its dedication to privacy. PricewaterhouseCoopers (PwC) Switzerland audited NordVPN not once, but on two separate occasions in 2018 and 2020. That was at NordVPN’s own request. Though these reports aren’t published online, they are available to NordVPN users. We’ve provided a description of how to view them later. PWC auditors had total access to NordVPN’s operations. After they observed those operations, interviewed employees, and inspected NordVPN’s servers and databases, auditors verified that NordVPN strictly adheres to its no-logs policy. That means NordVPN doesn’t keep local or assigned IP addresses you’ve used, your connection history, traffic logs, or DNS queries.
NordVPN: Privacy and security features
Location: NordVPN is headquartered in Panama, a privacy safe haven. Panama doesn’t have data-retention laws like the EU, UK, or Australia. Panama also isn’t a member of the 5 eyes, 9 eyes, or 14 eyes countries. Security: NordVPN offers 256-bit AES military-grade data encryption. This, along with their excellent firewall and well-protected servers, makes NordVPN’s safety top of the line. Speed: Speed used to be NordVPN’s weak point, but not anymore. It’s becoming one of the fastest providers available. It also offers very good P2P and torrenting speeds. It’s even able to unlock content like American Netflix. Account: All you need is an email, a payment method, and a password to create an account. So if you use an anonymous email service like ProtonMail, and a secure payment method like Bitcoin, NordVPN could provide total anonymity for those who want it. If you use another form of payment, like a credit card or transfer, you’d have to provide your personal banking information.
How to access NordVPN audit report
To read the PWC’s no logs policy report, you have to be a NordVPN user. If you’d like to dive into the findings, follow the instructions below.
2. ExpressVPN: Independently audited and verified
ExpressVPN is probably most well-known for its speed, security, user-friendliness, and number of servers around the globe. Those servers run on its TrustedServer technology and never write to the hard drive. All data is wiped with every reboot as they run on RAM only. On top of that, this VPN has proven itself repeatedly when it comes to privacy and its “no logs” policy. ExpressVPN was also independently audited by PwC, with the results showing that ExpressVPN strictly adheres to its privacy policy and commitment to anonymity. It’s also one of the best VPNs for online banking in our rankings. But ExpressVPN also showed its dedication to privacy in a high-stakes, real-world scenario. An ExpressVPN server was seized following the 2016 assassination of Russian diplomat Andrei Karlov by policeman Mevlüt Mert Altıntaş. Turkish media reported that Facebook and Gmail messages relevant to the investigation of the assassination were deleted by an unknown individual using the VPN. However, ExpressVPN was unable to help with the investigation, because there simply weren’t any logs to give authorities. “As we stated to Turkish authorities in January 2017, ExpressVPN does not and has never possessed any customer connection logs that would enable us to know which customer was using the specific IPs cited by the investigators,” ExpressVPN said in a statement. “Furthermore, we were unable to see which customers accessed Gmail or Facebook during the time in question, as we do not keep activity logs.”
ExpressVPN: Privacy and security features
Location: ExpressVPN is located in the British Virgin Islands. These Caribbean islands have different laws than Great Britain. There are no data retention laws, no 5 Eyes, 9 Eyes, or 14 Eyes alliances, and they aren’t required to cooperate with international investigations. Security: ExpressVPN offers military-grade, 256-bit AES data encryption, and well-protected servers. ExpressVPN provides its own DNS servers, so all requests are run through the same encryption and tunneling services. Speed: This VPN is also well-known as one of the fastest VPN providers, with the largest number of servers around the globe. It works especially well for streaming and torrenting. Account: All you need is an email and a password to create an account. So if you use an anonymous email service like ProtonMail, and a secure payment like Bitcoin, you could be completely anonymous.
How to access ExpressVPN audit report
If you’d like to read the PwC’s no logs policy report, you have to be an ExpressVPN user. Follow the instructions below. If you’re on the fence with NordVPN and ExpressVPN, check out our article comparing the two.
3. VyprVPN: Independently verified no logs report
VyprVPN is another one of our verified zero log VPN services. VyprVPN’s strict no-logging policy has been independently audited by Leviathan Securities. This audit is available publicly here. Leviathan auditors confirmed that VyprVPN doesn’t save any identifiable logs without user permission. It’s also worth noting that in the past, VyprVPN kept logs on their users, which they clearly stated in their terms and conditions. This and the independent audit provided a sense of transparency we like. Ever since they’ve instated their new logging policy, it appears they have stuck to it.
VyprVPN: Privacy and security features
Location: VyperVPN is located in Switzerland, long-known as a safe haven for privacy advocates. Security: VyprVPN owns its own server network, including its DNS servers. This allows them to ensure optimal safety and privacy. With no third parties involved in their services, the chances of DNS leaks are slim to none. VyprVPN is able to guarantee more online anonymity that users love. They use 256-bit SSL encryption and advanced protocols. Speed: This provider shows relatively good speeds for a VPN, but isn’t quite as fast as the providers above. Our testing showed a slight lag with downloading and gaming. Account: VyprVPN might ask you to share personal data, including your name, email address, phone number, payment information, and address. They offer credit cards and Paypal as payment options, so it might be harder to stay completely anonymous.
4. Private Internet Access (PIA): Proven in court
Private Internet Access (PIA) has a very strict zero log policy and has proven itself in real-world situations several times. The FBI subpoenaed PIA for logs in 2016, but PIA testified that there weren’t any to provide, according to court documents. Again, authorities called on PIA to provide logs in 2018, to which the provider testified it had nothing to show. PIA maintains a strict no-log policy and regularly provides updated transparency reports on subpoenas, warrants and court orders. The logs produced from seventeen legal process requests were zero. One of PIA’s selling points is its focus on security and privacy. The company said that, while it makes some things more difficult, like handling support tickets, sending outbound emails and dealing with abuse, its no logging policy makes customers’ anonymity and safety a top priority. To ensure privacy, browsing data is never stored on hard disks. It goes through a special null device. This is a virtual device that automatically treats any data sent through it as if it doesn’t exist. Once the information has been written to the null device, it becomes unretrievable. This is how PIA can guarantee its no-log policy.
PIA: Privacy and security features
Location: PIA is located in the United States, which is a member of the 5 Eyes, 9 Eyes and 14 Eyes alliances. This makes some privacy advocates nervous. Also, in theory, pushy agencies like the FBI or NSA could use a court order to monitor American users they deem suspect. However, there are no data retention laws in the United States. This means PIA isn’t obligated to store information for a specific period, as is often the case in Europe. And their track record proves they’ve got no logs to show. Security: PIA works with various strong protocols, including OpenVPN. Recently PIA has ensured that all of its VPN servers now support the new Wireguard protocol. It also has a SOCKS5-proxy. Speed: This VPN hasn’t performed as well on our speed tests, though it still ranks fairly high. Our testing showed a slowdown when using faraway servers. Account: All you need is an email and a password to create an account. So if you use an anonymous email service like ProtonMail, and a secure payment like Bitcoin, you could be completely anonymous. PIA provides you an “Order ID” after payment which allows you to communicate with the company.
5. CyberGhost: a transparency-minded VPN
CyberGhost is another provider that makes the list because of its focus on privacy. While CyberGhost hasn’t had any independent audits or court appearances since 2012, we like their transparency. Every three months, CyberGhost releases transparency reports. They were the first VPN to do these kind of reports when they started in 2011, and they’ve released them ever since. The company regularly updates its users on police requests, abuse, and malicious activity complaints. For example, they had 25 international police queries during the first quarter 2021 after criminal activity was tracked to CyberGhost IP addresses. “We generally get police requests from various law enforcement agencies and police departments from around the world. Representatives contact us after they’ve traced back an IP address to one of our data centers. They’re usually looking for logs to help with their investigation,” CyberGhost said in the report. “Because we have no data to show, we have not complied with any of these requests.”
CyberGhost: Privacy and security features
Location: CyberGhost is located in Bucharest, Romania, outside of the 5 Eyes, 9 Eyes and 14 Eyes alliances. Though they are a member of the EU, they don’t follow the same privacy laws as the rest of Europe. Romania has twice repealed data retention laws it deemed unconstitutional. Security: CyberGhost uses various strong protocols, including OpenVPN and the new, innovative protocol WireGuard. It’s one of the best VPNs for Iran or other censorship-heavy countries. Speed: It’s a fast VPN, though not as fast as our top 2. Our speed tests showed some slow down on downloading and streaming speeds, as well as when using faraway servers. Account: You’ll need an email and password to sign up. You can pay anonymously with Bitcoin, but all other payments are made through a third-party, Cleverbridge. Cleverbridge is reputable when it comes to privacy. CyberGhost will have you activate a customer serial number so you can anonymously sign up.
The Takeaway
We’ve tested dozens of VPN services and consider many factors, including speed, geo-unblocking, and user-friendliness. Certain VPNs, like Malwarebytes Privacy VPN, claim to follow a “no log” policy, though they collect quite a bit of information. Others, like HotBot VPN, have a “no log” policy, but might collect data through marketing partners or their website. Even so, privacy, security, and a proven no log policy remain essential. Which of the five VPNs named in this article you choose, depends on your personal preference, and what other features you find important. Whichever you choose, we’ve found proof that these VPNs truly keep no records or logs of activity. There are other names, like iTop VPN and AirVPN, but they lack in other performance areas. When interested parties come looking for logs, your provider should protect you by offering up nothing, because there’s simply nothing to show them.
