VPN Logging Explained

Callum Tennent
Callum TennentUpdated

Choosing a VPN provider with a no logging policy sounds simple enough, but some providers are not as clear or honest as they could be. This guide explains how to comb through the fine print.

What is VPN logging and why does it matter?

If you use a VPN to protect your privacy online, you’ve probably read a bit about logging. Some VPN providers log elements of your activity while you’re connected, while others save no information at all. Others lie somewhere in between.

Actually figuring out which ones log your data, and which ones don’t, is sometimes very difficult. And providers that want to hide this information can do so pretty convincingly. Some offer conflicting explanations of their logging policy on their website, making it difficult to make an informed choice.

What is Logging?

When you connect to a VPN, the provider that maintains the connection may collect data about what you do. There are different types of logging, and — sometimes — different excuses given for saving data in this way.

In simple terms, VPN log files can contain two different types of information:

  • Details about your usage, like the sites you’re accessing and the apps you ue
  • Details about your connection, like the speed.

The way your provider explains their logging policy might be confusing. They might deliberately use vague wording about which type of logging they’re doing in the background.

So, for example, a provider that says they don’t keep logs on your connection might be recording your usage, but making it sound as though they don’t.

In one of our biggest investigations to date, we found that a shocking percentage of free VPNs offered logging policies containing scarcely any details at all. Upon further scrutiny, a number even had corporate ties to China. You can read the full exposé here.

Why do Some VPN Providers Keep Logs?

There are three legitimate reasons for providers to keep logs:

  1. To ensure service is utilised properly
  2. To ensure appropriate bandwidth is used by each person
  3. To monitor connection quality with the aim of making improvements (for example, improving servers or resolving faults).

So while logging this stuff isn’t great, it is understandable in some cases. If you aren’t very privacy-focused, you might think that logging is no big deal.

But that isn’t quite the whole story.

In some cases, VPN providers monetize their service by collecting and selling these activity logs. And there are some VPNs, like Facebook’s Onavo Protect, that collect user and device data even when the app’s not active. In fact, Apple recently removed Onavo Protect from its App Store for making misleading claims.

In general, free VPNs are more likely to collect data and sell it on, or use it for a purpose that doesn’t benefit you. These companies have to make money somehow, and selling data — or gathering it for analysis — is often the end goal.

How Do You Know if Your Provider is Logging?

When comparing one VPN with another, remember that VPNs are not equal, and there is no standard you can rely on.

Some are intensely privacy focused and will defend your right to browse without being snooped on. Others exist for different reasons, like communicating data about device usage or browsing history to an unknown recipient.

Most providers know that users want privacy, and they don’t want to be logged. So they might skew their marketing material to make it sound as though they are privacy-focused when they aren’t really toeing the line.

There are no hard and fast rules, and no definitive way to tell what’s going on behind the scenes. But here are our tips for finding a provider that does not log what you do.

Don’t Take Sales Material at Face Value

If a provider says they aren’t logging you, check what that really means.

Does it mean that they aren’t logging your connection statistics, but they’re recording the apps you’re using?

There are many different ways of logging someone, and just because a provider is not logging one type of activity, don’t take that to mean that they’re squeaky-clean. The wording on the website should almost never be trusted, particularly if it’s a company that you’re not familiar with.

Beware Free Apps

It’s perfectly logical to look for a free VPN to save money and try out different services. But this is one area where going for the bargain option could wind up costing you dear.

Free VPNs aren’t provided for charitable reasons. They are making money from you. It’s up to you to figure out how.

Read their policies; check reviews and professional write-ups in detail to see why the company exists, and who it’s affiliated with.

To be completely safe, we recommend that you use a paid VPN from a well-known and trusted provider. Even if you just sign up to a trial and then cancel it later, you’ll probably be better protected.

Be Prepared to Switch

In a small number of cases, VPN providers with no-logging policies have been exposed when law enforcement agencies have approached them for log files. Often, users are shocked when this happens.

Faced with legal demands, companies claiming they have no data have had no option but to reveal their true colours. Watch out for this, and switch providers if it happens.

If a provider has been subpoenaed for user logs and it hasn’t been able to provide them, that’s a good sign that it simply doesn’t record that data in the first place. Generally speaking, these are the VPN providers that you should trust.

In Summary: Read the Fine Print

VPN providers are just like any business; they should outline what they do with your data in their policy documents.

Skip over the glossy website and the app store description. Look for the policy that says what’s logged and what it is used for.

Nobody wants to read policy documents for fun, but it’s really the only way to clarify exactly what you’ve signed up for.