VPN Logs: Everything you need to know

VPN Logs: Everything you need to know

VPN Logs are a confusing topic for many people shopping for a new VPN service.

These days, most providers claim to be ‘Zero-Log’ or keep ‘No Logs’. But what does that even mean? And can you really trust them?

In this guide, we’ll try to expose the truth about VPN logs and logging policies, what information VPN logs contain, and the grey areas and loopholes you should watch out for.

What information do VPNs log?

Not all VPN logs are created equal. Logfiles and the information they contain can range from anonymized connection metadata to invasive logging of your browsing history, usage patterns and online activity.

There are two main types of VPN logs:

  1. Connection (Metadata) Logs
  2. Usage/Activity Logs (such as browsing or download history)

1. Connection Logs

Connection Logs are a minimal form of VPN logging and are the least invasive to your privacy. However, connection logfiles that include IP addresses can theoretically be used to identify a single VPN account, and should not be used for torrenting.

Connection logs are basically a simple record of the incoming/outgoing connections for a VPN server. They usually consist of one or more of the following pieces of data:

  • Incoming IP Address (Your computer’s IP address)
  • Outgoing IP Address (The IP address assigned to you by the VPN server)
  • Time Stamp (start/end of VPN session + duration)
  • Data Usage (amount of data transferred during the session)

Connection logs are also known as ‘Metadata’ logs because they while they contain data about the VPN session, they don’t actually include the content of your encrypted VPN usage.

What are Connection Logs used for?

Connection logs are mainly used to help the technical team troubleshoot issues and improve the VPN service. They can also help track data like bandwidth usage for VPNs that limit your monthly data usage.

In some jurisdictions, data retention laws require VPN providers to maintain and store these types of logs for a specified period of time (usually 3-6 months).

The USA doesn’t have any data retention requirements for VPNs, and treats them separately from Internet Service Providers (which do keep logs for up to 2 years).

In fact, 2 of our favorite non-logging VPNs are based in the USA: Private Internet Access and IPVanish.

2. VPN Activity Logs (Usage Logs)

VPN Activity & Usage logs are the ones your really need to worry about.

These are the kinds that your Internet Service Provider (ISP) may keep, and some low-quality VPNs keep (often to sell to advertisers).

‘Free VPNs’ are some of the worst offenders when it comes to activity logging.

Activity & Usage Logs may include:

  • Your web browsing history (lists of websites you’ve visited)
  • Products you research or purchased
  • Search history (even google searches can be hijacked)
  • Files you’ve downloaded
  • Apps/protocols you use (BitTorrent, Netflix, Skype…)

As you can see this type of logging can be incredibly invasive to your privacy. The good news is that none of the VPN’s we recommend on this site keep these types of logs.

However, there are definitely some prominent VPN companies that do log extensively, especially the free ones.

This is why we recommend avoiding free VPN services at all costs, especially when transferring sensitive data like passwords, or torrent traffic.

Running a VPN company costs money. They have to provide servers, support, technicians, advertising, and security. So it makes you wonder, how do free VPN’s make their money? The answer is that many free VPN’s either sell advertising, or they sell your data, or both!

How long are VPN Logs kept?

So a VPN is saving some information about you, but how long do they keep these logs for? The duration that logs are kept makes a big difference in terms of the privacy and anonymity that you’re actually receiving from that VPN provider. The length that a vpn provider may store these logs can vary widely, from no logs at all, to 24 hours, to 6 months or more!

How does log recycling work?
When I VPN provider recycles/purges their data logs, they don’t do them all at once. Instead it’s more like your DVR service where it deletes old tv shows to make room for new ones.

For example, if a VPN has a 15 day log retention period, they will always have your activity from the most recent 15 days on file. When a new day starts, they’ll delete the oldest day of data to make space for the data from the current day.

Log Policy & Length for well-known VPNs

VPN ProviderLog TypeLength
IBVPNConnection/Metadata15 Days
SwitchVPNConnection/Metadata1 day
ExpressVPNConnection/MetadataUnspecified
HidemyassConnection/Metadata3 Months (or more)
NordVPNNo Logs0
IPVanishNo Logs0

How to read a VPN privacy policy & spot loopholes

These days, most VPNs are claiming to be ‘Non-logging’ just to stay competitive in a crowded marketplace. After all, nobody wants a VPN to log more information about you, right?

But many of these ‘logless’ claims are suspect and have either been proven false, or have enough wiggle room as to be worthless.

So we’ll teach you how to read a privacy or logging policy from a VPN provider, to help determine what information they actually do (or don’t) record about you.

Loophole #1: “We don’t log or monitor your VPN activity”

These is the most common way we’ve seen the term ‘non-logging’ misused.

Many VPN providers have advertised themselves as no-logs only stick in the fine print (sometimes on an entirely different page) a line that says something like: “we don’t log your online activity…”

Which should read: “…but we still keep connection logs.”

How to spot this loophole:

If you’re reading a VPN’s privacy policy and they say something like “We never log or monitor your browsing history or VPN activity” but they don’t mention metadata like bandwidth usage or IP addresses, this is a red flag. You should assume that they do record metadata if they don’t specify otherwise.

VPNs that possibly use (or used to use) this language:

  • PureVPN
  • VyprVPN
  • Zenmate
  • ExpressVPN
  • IBVPN

And that’s just a small list (there are plenty more).

Loophole #2: Logging by a 3rd-party

This is an often overlooked loophole, and frankly one that’s hard to do anything about. But it’s a threat to your privacy, so it’s worth paying attention to.

When talking about logging policies, most VPN companies say “we don’t log…” or “(Company Name) doesn’t log…”

But what about 3rd-party companies that may be given access to a server or via an API? What about government agencies or data-mining firms?

Does the privacy policy specifically state that the VPN will never share your data with a 3rd-party or otherwise allow them access to VPN metadata or content?

Possible Scenarios:

  • VPN allows a data-mining firm to access your browsing history or DNS queries
  • VPN injects a supercookie into your traffic that allows advertisers to track you across the web (this isn’t technically logging by them either. Sneaky.)
  • VPN company sets up a 2nd company and gives them server access. That company does data mining and sells your browsing history.

Note: These tricks aren’t likely among trustworthy paid VPNs, but unfortunately are far too common among so-called ‘Free’ VPNs.

Loophole #3: Government Intervention

It’s easy for a VPN provider to honor their logging policy until big brother comes knocking. If a major government agency (NSA, FBI, MI5) wants access to a VPN server in their jurisdiction, they’re going to get it.

And it doesn’t really matter where the VPN company is headquartered. If the VPN server in question is located in a US or European data-center, that agency is getting whatever access they want.

By the way, this doesn’t even violate the logging policy of the VPN (as in the case of IPVanish, which didn’t actually do the logging despite competitors claims).

If a government agency installs Wireshark on a VPN server or otherwise monitors VPN traffic, they’re the one keeping logs, not the VPN provider.

Bottom Line: You can trust logging policies to a point, but don’t think you can piss off a federal agency and a VPN can protect you. It probably won’t.

Do you really need a non-logging VPN to download torrents?

Yes. Seriously, yes.

If you’re going to buy a VPN service, you might as well get the best tool for the job (anonymous torrenting). And Log-free VPNs don’t have to be expensive.

When choosing a VPN for Torrents, you should look for:

  1. A VPN that keeps doesn’t keep logs at all or doesn’t log IP addresses
  2. The VPN uses Shared IP addresses (multiple users per IP)
  3. The VPN specifically allows torrent traffic on their network.

The shared IP addresses are key, because if multiple users are simultaneously using the same IP address, a VPN can’t positively identify an individual user based solely on an IP address (even if they did keep metadata logs).

So why then, you may ask, do we feature non-logging VPN’s so prominently on this site? Well, there are two primary reasons:

Reason’s most of the VPN’s we recommend are no-logs VPN’s:

#1 – 
The truth is that many of the high quality VPN providers are moving toward reducing or eliminating their logs altogether because that’s what the customers want. As a result, many of the really high quality VPN services are also non-logging. A good example of a premier VPN that eliminated their logs would be IPVanish who became a non-logging vpn in April 2014.

#2 –  The other reason is that most of the truly torrent-friendly VPN providers have moved to a non-logging policy, both because of the needs of their customers, but also as a method to protect and insulate themselves from any outside pressures they may face. If they can’t identify their customers based on an IP address, they can’t violate their customers’ privacy, and no VPN provider really wants to do that…

Which VPNs are best?

There are at at 7-10 solid options featured on our site, but there are a couple that really stand out from the crowd.

Anything of these providers would serve you well:

Ryan McCarthy

Ryan is the editor and head reviewer. He's been a tech geek and digital privacy enthusiast since the Y2k freakout in '99. When not writing BitTorrent tutorials, he can usually be found sipping a lager or playing pickup football (the real kind).

Leave a Comment