Surfing the web can be risky, especially if you’re connected to public Wi-Fi. Anyone with a little know-how can see your personal information and web browsing history.

A Virtual Private Network (VPN) comes in handy as it masks your real IP address and creates a private web browsing session. Although VPNs promise to keep prying eyes at bay, there are questions raised about the logging practices of VPNs themselves.

So, what are these concerns and should you worry about VPN logs?

The Problem With VPN Logs

Most popular VPNs on the market claim to be “no-logs” service providers, but the reality is that almost all VPNs keep some logs of your activity to ensure that the service is maintained. Despite the security audits and transparency gestures, there is no way to verify whether a VPN really provides a no-logs service.

VPN logs may not be an issue if you are using the VPN just for watching streaming services or accessing geo-restricted websites. But for journalists, lawyers, and political dissidents, distinguishing between the different types of logs kept by VPN services is key to personal safety.

Types of VPN Logs

Most of the data that a VPN logs fall into three categories. Some of these logs do not present a major risk to your privacy, but there are sensitive logs that can expose you to government surveillance and cybercriminals.

1. Connection Logs

The first kind of logs that a VPN may keep are connection logs. They are collected at the user or server level and are mostly used to improve or maintain VPN operations. Connection logs can include:

  • The originating IP address.
  • Server IP address.
  • Connection timestamps.
  • Bandwidth usage.

Connection logs help service providers manage traffic on servers, prevent abuse, and keep the service running. Any VPN that limits simultaneous device connections per user mostly uses connection logs to enforce the limit. The data can also be used to optimize the VPN performance and troubleshoot user queries.

Related: Who Can Track Your Data When Using a VPN?

However, some connection logs can also allow a VPN service and law enforcement agencies to identify you and your physical location.

If you’re a privacy-conscious user, it’s worth considering what kind of data is being logged and how long is it kept by the VPN vendor. Some service providers automatically delete connection logs after a day or week, but if your connection logs are kept for an extended period of time, it’s better to look elsewhere.

2. Traffic Logs

Traffic logs are probably the worst kind of VPN logs as they defeat the purpose of using a VPN. Traffic logs may include data like:

  • Downloaded files.
  • Purchase history.
  • Apps and software used.

We strongly recommend avoiding a service that keeps any type of traffic logs.

VPN providers keep traffic logs to build a profile around a user and sell it to third-party services and advertisers. These logs are mostly kept by free VPNs as they have to make money to keep their business afloat. Traffic logs expose you to cybercriminals and can easily result in identity theft.

3. Usage Logs

Usage logs, also known as activity logs, include data directly related to your online activity. They can include content like:

  • DNS requests.
  • Usage metadata.
  • Websites visited.

Related: Can VPNs Stop Websites Tracking You?

Usage logs are usually deleted as soon as the VPN session is over. Since usage logs are kept for a short duration of time, this type of logging may not be a huge concern. But from a privacy viewpoint, it’s best to avoid them.

Many providers who log activity data communicate it in their privacy policy; however, there are services which don’t explicitly explain collecting activity data.

What Is a No-Logs VPN?

encryption

A no-logs VPN service doesn’t store any connection or activity data that can be used to identify you or trace your physical location. It will also not collect any data transmitted through the VPN tunnel. A truly no-logs service makes all users’ activity anonymous to ensure that no user is tied to any specific connection or activity on the VPN network.

No-logs VPNs will only contain information like your email address for the purpose of registration and billing. Some VPNs like ExpressVPN even let you pay with Bitcoin to keep the billing process private.

It’s important to understand that a no-logs VPN doesn’t necessarily have to be a “zero-logs” VPN service. It’s practically impossible for a VPN to keep zero logs and enforce restrictions like bandwidth and device limits. However, VPNs that do not collect any identifiable information are still classed as no-logs VPNs.

VPN-tunnel

While most VPNs make a no-logs claim, only a handful of services deliver on this promise. Here are a few no-logs VPN services that you can use without worrying about your privacy.

1. ExpressVPN

ExpressVPN is one of the few VPN services with a proven no-logs policy.

It’s based in the British Virgin Islands and enjoys privacy-friendly jurisdiction. The service has been independently audited and its privacy protection has been verified more than once.

Read More: Why ExpressVPN Should Be Your First Choice for a VPN

ExpressVPN’s no-logs claim was verified in 2017 when the Turkish authorities seized one of its servers to investigate the assassination of Andrei Karlov. The authorities couldn’t find any identifiable information because there was no data available.

2. Private Internet Access

Private Internet Access (PIA) offers excellent security features with a strict no-logs policy.

It uses military-grade encryption, a kill-switch, and DNS leak protection. Although it’s headquarters is in the US, which is a member of the Five-Eyes Intelligence sharing alliance, its no-logs claims have been proven, just like ExpressVPN.

3. NordVPN

nordvpn

NordVPN is one of the largest VPN service providers with over 12 million customers.

It’s based in Panama which falls outside the jurisdiction of the Five-, Nine-, or 14-Eyes alliance. This means that NordVPN can deny third-party data access requests, so your internet activity can’t be traced back to you.

Related: What Is "Five Eyes" Surveillance? VPN Users, Beware!

Just like ExpressVPN and PIA, NordVPN has completed an independent audit to verify its no-logs claim. The audit confirmed that the company doesn’t log IP addresses, traffic data, or browsing activity.

Choosing the Right VPN Service

There’s a lot of variation when it comes to VPN logging policies. But as you can see, not all logs are bad. Certain data types can help vendors improve their services and troubleshoot user queries.

However, it’s nonetheless important to know what gets logged, the purpose of logging, and how long they are kept before choosing a VPN. Dig deeper into the VPN privacy policies to ensure that they don’t collect Personally Identifiable Information that can be tied back to you.