Your email could be compromised.
Scan it on the dark web for free – no signup required.
With tracking baked into websites, surveillance expanding across borders, and platforms handing over user data more often than ever, it’s no surprise that millions are turning to VPNs and encryption tools to stay private online.
But as more users protect themselves, more authorities are pushing back.
In just the first half of 2025, PureVPN received over 43,000 data requests, which is double the number from the same period last year. These came from law enforcement agencies, cybersecurity teams, and copyright bodies across the globe.
What were they looking for? Logs. Metadata. IP addresses. Anything that could tie a user to their online activity.
What did we give them? Nothing.
Not because we refused, but because we’ve built our systems so that there’s nothing to disclose.
In this blog, we break down the spike in data demands, how surveillance strategies are shifting, and why PureVPN’s audit-backed no-log policy continues to protect your data, even when it’s being asked for.
Please note: PureVPN’s Transparency Report for the first half of 2025 is now available on our Trust Center.
H1 2025 vs H1 2024: What Changed?
Here’s a direct comparison of the top request categories year-over-year; let the numbers speak for themselves.
| Request Type | H1 2024 | H1 2025 | % Change |
|---|---|---|---|
| IP Takedown Notices | 20,799 | 41,790 | +101% |
| Court Orders (incl. warrants) | 0 | 8 | +100% |
| Subpoenas | 4 | 2 | -50% |
| Emergency Disclosures | 16 | 4 | -75% |
| Spamming Complaints | 46 | 179 | +289% |
| Hack Attempts | 120 | 199 | +66% |
| Malware Detection | 419 | 177 | -58% |
| Phishing Reports | 19 | 81 | +326% |
| DDoS Attacks | 247 | 244 | -1% |
| Total Requests | 21,670 | 43,358 | +100% |
Key Insight: While external requests doubled, not a single user identity was exposed. PureVPN’s zero-log infrastructure remained technically incapable of complying with these demands.
Who’s Making the Requests?
The 43,358 requests we received in H1 2025 came from a variety of global sources — with the geographic and organizational diversity telling a deeper story about growing surveillance pressure.
Top Data Requesting Countries
The majority of requests originated from:
- United States
- India
- United Kingdom
- Germany
- Netherland
- Czech Republic
- Other parts of the world
These nations collectively accounted for over 80% of all requests, many tied to copyright enforcement, digital fraud detection, or botnet-related abuse.
Authorities & Entities Involved
Requesting entities spanned a range of industries and enforcement bodies:
- Law Enforcement Agencies: Seeking court-ordered access to user identity or activity (denied due to no-logs).
- Data Centers & Hosting Providers: Flagging spam and abuse complaints.
- Computer Emergency Response Teams (CERTs): Alerting on phishing links, botnets, and malware traces.
- Cybersecurity Threat Intel Networks: Requesting takedowns or info for incident response.
- Government Surveillance Bureaus: Using indirect channels to seek access through infrastructure-level interventions.
None of these requests resulted in the disclosure of user data.
What These Requests Actually Mean for You
1. Intellectual Property Takedown Requests
We received 41790 IP takedown notices related to P2P infringement, primarily from data centers and anti-piracy organizations in the US, Germany, India, and the UK. Since we don’t log traffic, there was nothing to hand over.
2. Emergency Disclosures
There were four urgent requests from law enforcement to disclose user data to prevent serious physical harm, but no data was shared.
3. Court Orders and Subpoenas
We received eight court orders and two subpoenas. As always, we disclosed nothing, thanks to our no-logs policy.
4. Spam Complaints
We received 179 complaints related to spam, which were addressed internally using automated systems — all without exposing any user identity.
Why the Sudden Spike in Requests?
Governments and institutions are stepping up enforcement globally. According to the EUI–Freedom House report, in the last five years:
- VPNs have been restricted or banned in 21 countries, often under the guise of national security or misinformation control.
- End-to-end encryption is being undermined in 17 nations, either via regulation or outright bans.
These increased restrictions have shifted the burden of access from individual users to service providers like VPNs. This is why we’ve seen a:
- 101% increase in IP takedown requests
- 326% spike in phishing reports
- 289% rise in spam complaints
Yet despite growing legal pressure, PureVPN disclosed no user data — backed by independent audits and a strict no-logs policy that makes compliance with data-sharing demands technically impossible.
As a result, we’re seeing:
- More pressure from governmental authorities, data centers, and ISPs
- Increased phishing and botnet abuse complaints
- Heightened legal processes involving court orders and subpoenas
But pressure doesn’t equal compromise.
Court Orders, But Privacy Holds
Yes, you read that right.
PureVPN received eight court orders in H1 2025 — a 100% increase from zero the previous year.
This reflects a growing global trend in which VPN providers are being drawn into legal proceedings, often being asked to hand over user metadata, IP logs, or activity trails.
But because PureVPN logs nothing, our response is simple and consistent: we have no data to give.
Built to Say No
PureVPN has long operated on a strict no-logs policy, meaning our entire system is designed for zero exposure:
- No logs of browsing or traffic data
- No connection timestamps
- No stored IP addresses
Every interaction with PureVPN’s infrastructure is ephemeral, meaning it disappears the moment your session ends. So when a court order, IP takedown request, or spamming complaint arrives, there’s nothing on record to hand over.
Beyond our “Always-On” audit, we are also a proud member of the i2Coalition’s VPN Trust Initiative (VTI), recognizing excellence in security, privacy, advertising practices, disclosure, and social responsibility across the VPN sector.
Our PureVPN Trustpilot reviews further reflect the confidence users place in us as a safe, no-logs VPN provider. Additionally, we leverage an ISO/IEC 27001:2022 certified Information Security Management System (ISMS), underscoring our dedication to globally recognized standards in managing sensitive data.
What This Means for You
Whether you’re a journalist in a censored region, a crypto trader handling sensitive funds, or just a privacy-conscious user:
- Your metadata is your identity: Requests for infrastructure-level access often aim to map your entire digital footprint.
- Your protection must be proactive: Relying on platforms that only talk about privacy isn’t enough. Infrastructure must be built with zero-knowledge principles.
PureVPN’s no-disclosure record — even under pressure — proves that real privacy is possible.
Stay private. Stay empowered. Stay untraceable.
