VPN Logging: Zero Logs vs Metadata Logs vs Browsing Logs
Let’s first consider the following comparison of various types of logs:
Zero Logs VPN
No Privacy Issues
- Data N/A
Full Traffic Logs
Invasion of Privacy
Real IP address 188.8.131.52
Connected to US server Jan 3, 2015, 1:13 PM
Assigned IP address 184.108.40.206
⁃ etc etc etc....
Disconnected from US server Jan 3, 2015, 10:45 PM
Total bandwidth: 10GB
Essentially, the above means that the most secure VPN provider is a Zero Logs company that keeps absolutely no personally identifiable information about their users. Zero Logs VPN providers cannot match an assigned IP address with the real IP address and do not monitor users’ browsing habits. A list of the best zero-logs VPN providers is provided in the Most Secure VPN guide.
VPN providers that keep Metadata Logs (Server Connection Logs), related to the date and time when the connection to the server was established and an IP address that was used, also do not monitor their users’ online activity. This is the reason they tend to call themselves “No Logs” VPN providers. But since these providers know your real IP address and which VPN IP address you were assigned, they can decide to cooperate with the authorities when you break the law. So once you get the attention of the authorities, a specific law enforcement agency uses an IP address involved in a specific illegal activity and subpoenas a VPN provider to reveal the real IP address. This is different from logging the websites that you visit and spying, though, because a VPN provider doesn’t know what you do online when you use their network.
Let’s say John with a real IP 220.127.116.11 was assigned an IP address 18.104.22.168. When John accesses various websites, these websites store certain information about this user, including an IP address, OS, browser and screen resolution. When 22.214.171.124 is tagged by the authorities for, lets say, selling guns on the darknet, they reach out to a VPN provider with a court order to disclose the real info about this user, which in the case of Metadata Logging is an IP address. The provider can then match 126.96.36.199 to a real user 188.8.131.52. and this is how John gets caught.
However, when a Shared IP was used, there were multiple users who were connected to the same server. So law enforcement needs to employ additional techniques to determine an exact individual.
While we do not feel that criminal activity should be endorsed and enabled by the means of encryption tools, it’s important to note that metadata logging is not suitable for whistleblowers, certain journalists or other illegal activities. Keeping server connection logs, however, in no way invades user privacy and is, therefore, an excellent choice to protect yourself from mass surveillance. When you’re using encryption tools, nobody can intercept and steal your data, and ISPs no longer have access to your browsing history.
Full Traffic Logging (Browsing Activities), on the other hand, is unacceptable and critically invades our right to privacy! As evident from the table provided, full traffic logs contain highly personal sensitive information about browsing habits of the users and can be used to build personal profiles. Mandatory Data Retention laws in the UK, Europe and Australia force ISPs and telecom companies to store full browsing logs. Based on the privacy policies of the VPN providers we reviewed, none of them practice full logging. However, we’d like to note that some reserve the right to temporarily turn on logging for investigation purposes when they determine their network is being abused. Since they do not clarify exactly what constitutes abuse and do not specify what information they start logging in such cases, we feel that such companies should fall under the Full Traffic Logging VPN category and should be used with caution.