Is your VPN collecting your data?
Is your Virtual Private Network as private as it should be?
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Despite the fact that a Virtual Private Network (VPN) is, by its very name, supposed to be private, some VPNs keep logs of users. This is common withfree VPNswhich often do so to sell data to third parties or create a profile for targeted advertising. Not all logging is quite so sinister, however. Some VPNs keep logs to monitor performance or to enforce usage limits.
Browsing the web is like taking a stroll on a beach. Every step you take (or website you visit), leaves a footprint that can be tracked. Your IP address acts like a digital footprint, revealing your approximate location and potentially your identity. You can use a VPN to hide your tracks and browse privately, as a VPN encrypts the data you send over the internet, making it unreadable to unauthorized users. VPNs also help prevent third parties such as your ISP, hackers, or snoopers from intercepting sensitive information, be it your passwords or credit card details.
The practice of data logging is concerning, particularly when logs link to your identity. Even thebest VPN servicescan suffer a data breach with personal information surfacing on the dark web and used to commit identity theft. Browsing data may even be shared with governments which, in countries with widescale online censorship, could result in legal consequences.
What data might a VPN collect?
The data a VPN collects starts with signup. In the majority of cases, this is nothing nefarious. Most VPNs require you to provide an email address for communications and payment information for billing purposes.
Here’s some of the data a VPN may collect:
Connection logs
A VPN may keep connection logs to troubleshoot issues or to manage and optimize their network. Many VPNs keep connection logs although not all are identifying. Those that are should only be temporary and deleted at the end of each session. Types of connection logs include:
Usage logs
Usage logs help enforce data limits, particularly in the case of free VPNs. However, VPNs keeping activity logs (the websites you visit) are best avoided as this data can identify you. Examples of this information include:
Device information
It’s not uncommon for VPNs to keep device information. However, as with connection logs, this may be to help a VPN provide better support or improve performance. This on its own is non-identifying and self-explanatory, examples of such information could be:
How to find out what data your VPN is collecting
There are multiple avenues to find out if a VPN is collecting your data:
1. Read the VPN’s privacy policy
Look for sections on data collection and how that data is used. Often the difference between a quality VPN and a shady service is how accessible and easy to understand this information is.
2. Check for third-party audits
An increasing number of VPNs are subjecting their logging policies to independent audits in order to verify their no-logs claims. These audits should be carried out by reputable security or accounting firms. For example, NordVPN’sno-logs policyhas been audited by Deloitte.
3. Contact customer support
Privacy policies don’t always make for the easiest or most intelligible reading. If you have any doubts, get in touch with your VPN’s support. Their responsiveness and transparency can be an indicator of how seriously they take your privacy.
In exploring the above, you may encounter some warning signs. Here are a few to look out for:
Does data collection always put you at risk?
No, not all data collection puts you at risk. Some data is non-identifying and used for legitimate purposes such as managing a server network or enforcing connection limits. Yet some information, be it IP addresses or browsing history, can identify you. That’s why privacy policies are so important because they can help you determine if a VPN meets your privacy needs.
Why is a privacy policy important?
A VPN’s privacy policy is essential when trying to find out if your VPN is collecting your data. It does the following:
A quality VPN privacy policy will raise awareness and build transparency through the use of clear, detailed language.
Not everyone will mind if a VPN logs some non-identifying data. The level of acceptable logging depends on your individual privacy requirements. Knowing where to look (as well as the warning signs to look for) helps you avoid any VPNs that are likely to compromise your privacy.
Mark is a Tech Security Writer for TechRadar and has been published on Comparitech and IGN. He graduated with a degree in English and Journalism from the University of Lincoln and spent several years teaching English as a foreign language in Spain. The Facebook-Cambridge Analytica data scandal sparked Mark’s interest in online privacy, leading him to write hundreds of articles on VPNs, antivirus software, password managers, and other cybersecurity topics. He recently completed the Google Cybersecurity Certificate, and when he’s not studying for the CompTIA Security+ exam, Mark can be found agonizing over his fantasy football team selections, watching the Detroit Lions, and battling bugs and bots in Helldivers 2.
Should your VPN always be on?
3 reasons why PIA fell in our best VPN rankings
Herman Miller Aeron gaming chair review: premium, highly customizable comfort
