NordVPN Logs – What Logs Do They Keep? Can you be identified?
/
When a VPN service provider wants to provide efficient troubleshooting or capacity planning, it will log events in the system – in other words, save log files.
The no-logs policy is an important aspect to consider when looking for a VPN service.
It’s just a statement of how the provider “doesn’t” keep your logs.
But in most cases, it shows what kind of records they keep, for how long and for what purpose.
For more information on NordVPN, read our full review of the service.
Why do we need a no-logs policy?
Any person or company with access to the infrastructure that handles Internet traffic can install a packet sniffer (or DPI) and easily examine your traffic. But who has access to the infrastructure that handles your traffic?
According to this graph from the NordVPN website, when using a VPN, four agents are denied from reading your traffic:
- pirates? If you share a WiFi Access Point (AP) to access the internet with anyone from the coffee shop visitors to your neighbour, they can turn on the packet sniffer and read some of your traffic.
- ISP? If you feel comfortable and safe at home making sure your internet is just for you, think again. Your ISP has access to every packet in your traffic.
- government? Governments, especially from Five Eyes Alliance countries, will undoubtedly require your local ISP for traffic logs (or even redirect traffic through a proxy/firewall, as is the case for China) to monitor βunusualβ traffic and censor on her.
- big company? If you are connected to the Internet within a corporate or university network, it is possible that your traffic is being monitored or restricted by a proxy or a firewall. In addition, the administrator may be curious enough to install a packet sniffer and read your unencrypted data.
The solution (as you already know) is to use a VPN. A VPN creates a kind of encrypted tunnel between the VPN client and server and lets you go out of the internet with a completely new identity. Two planes in one shot: encrypted (gibberish) traffic and new Internet identity (server IP addresses).
Noticeable:
A VPN service provider is the last (and fifth) proxy that can access your internet traffic logs. Yes, the VPN provider has your identity (with data leak protection) completely covered from source to VPN server. However, the server knows your source IP address and has the key to decrypting your traffic.
In other words, the VPN server knows your secrets. How can you be sure they protect your secrets? This is where a no-logs policy comes in.
What should a no-logs policy look like
Before we delve deeper into NordVPN’s logs, let’s see what kind of logs or data a VPN service can keep from you, and what they can do with it?
VPN Service providers typically collect usage and connection logs. Usage logs contain sensitive information – pretty much everything that goes against the purpose of privacy. They contain your IP address, the amount of data transferred, the web services and websites you visit, and other sensitive metadata.
On the other hand, VPN connection logs do not contain sensitive information. VPN providers use connection logs for troubleshooting or prediction. These logs may include the amount of data per connection, timestamps, IP address of the VPN server, etc.
But usage logs and connection logs aren’t the only things to consider. When getting a new VPN, keep the following in mind:
- Country where the VPN operates: Look for VPN services located in countries that have flexible data collection and retention laws. VPN providers in countries that adhere to the Five Eyes surveillance agreement are required to keep records to comply with the law. Although they do not easily give up your records to government agencies to protect your privacy, the government has the upper hand and can order audits or records, especially when investigating criminal activity.
- Type of personal data they request when signing up: Email and payment information should be enough to get a VPN subscription. Never include information such as your address, full name, or other personally identifiable information.
- What payment options are available?: Your bank account or credit card is very personal. Some VPN providers give the option to pay with cryptocurrency, such as Bitcoin, to keep your payments completely anonymous.
- Is VPN Paid or Free?: Paid VPN services retain data for troubleshooting or expansion purposes. Free VPN will keep your records to sell for marketing or intelligence services. In addition, free VPN services keep bandwidth logs to enforce bandwidth limits. A paid VPN can also keep bandwidth logs during a trial period before the 30-day money-back guarantee expires.
Despite their ability to try, no VPN service provider is immune to data leaks. But what can go wrong? A disgruntled employee in a data center could take customer data and sell it on the dark web, a data center could run VPN software with unpatched servers and be the target of an attack, or a country’s government could also request logs to a VPN provider.
NordVPN Logs
NordVPN promises to protect your privacy with a “No Log VPN Service” policy. But how does this policy work? And what kind of logs does NordVPN keep?
You can read NordVPN’s full privacy policy here.
NordVPN collects your email address for registration purposes. Obviously, for payment purposes, they collect payment data such as credit and debit card numbers and country information. Fortunately, NordVPN supports payments via cryptocurrency to improve your anonymity in payment.
You can sign up and pay for NordVPN with cryptocurrency, without leaving any trace of your identity. NordVPN accepts popular cryptocurrencies such as Bitcoin, Dash, Litecoin, XRP, Monero, Ethereum, and Ripple. Even NordVPN encourages “stealth skills,” meaning not just dumping your personal data, using your second name, and possibly a new email address and other online privacy best practices.
In which country does NordVPN operate?
NordVPN is headquartered in the Republic of Panama, a country with no data retention laws, and far from the prying eyes of Five Eyes Monitor member states. This means that no government authority or third-party agency has the authority to contact NordVPN’s office and request users’ records.
What about usage and connection logs?
According to NordVPN’s Privacy Policy: We do not store connection time stamps, bandwidth used, traffic logs, IP addresses, or browsing data.
So, what records do they keep? To monitor server performance and find the most suitable, NordVPN needs to track certain parameters of the VPN server, including CPU, RAM, and network usage. Username and timestamp (the time you connect to the server) are also collected to limit the total number of concurrent users. NordVPN deletes this information 15 minutes after the session ends.
NordVPN also collects the following information from the client’s VPN software:
Collected logs from your customer such as crash error reports.
Anonymous apps usage statistics include search, push notifications opened, events viewed on content, etc.
The NordVPN client detects the type of device you are using, including the operating system.
When you use your mobile device, NordVPN logs the device ID.
Audit the no-logs policy
NordVPN is one of the only VPN providers that has conducted an independent audit of its no-logs policy for two consecutive years. To prove they are trustworthy, NordVPN has hired an independent auditor company (PricewaterhouseCoopers AG) to conduct a thorough audit of their logging policy.
See NordVPN’s report for audit findings.
last words
A no-logs or no-logs policy is a statement that discloses the way a VPN company handles your logs.
this is important:
For 80% of the logs collected, there is nothing you can do apart from trusting what the VPN provider says. For the remaining 20%, you can adjust your settings on the VPN client, hash (create access policies), never post private information, use HTTPS and stay away from illegal activities.
When it comes to NordVPN, its no-logs policy helps its current and potential customers build trust with the company: first, by putting everything they do with your logs into the policy, and second, by conducting regular private audits. These actions confirm the Company’s commitment not to keep records of users’ personal information.
conclusion? NordVPN does not collect any personal information that could threaten your identity. Technical information collected from servers and customers is used for troubleshooting and capacity planning.
[ad_1]
Don’t forget to share this post with friends !
