vpn logs explained

Setting the Record Straight: Addressing VPN Privacy and VPN Logs

Update – May 25, 2018

We’ve recently updated our privacy policy to give more power to our users. While PureVPN has always given the utmost importance to the privacy of its users, the new privacy policy provides even greater transparency and more control over how our users can use our services.

The Story Unfolds

We have a well-documented, proactive stance on cyberstalking. Several organizations have appreciated and applauded our stance in the recent past, which is a source of pride for us. Having said that, a recent cyber stalking incident was extensively reported in leading tech publications, where a certain individual was arrested on suspicion of masterminding a cyberstalking campaign against a young woman and her family.

We would like to reiterate that we acted precisely as per our existing Terms of Service and Privacy Policy.

Despite the actions of the accused, fingers pointed towards PureVPN for all the wrong reasons. To avoid further confusion for our customers, and to prevent a skewed and false portrayal of PureVPN, we believe now is the right time to initiate communications.

As a VPN provider, PureVPN was unfortunately dragged into this incident because of a lack of clarity on network logging mechanisms implemented throughout the industry.

Two Broad Logging Types

It’s important to clarify important technical terminologies before moving forward. Doing so will help us address the terms that might come across as confusing or at times, too broad.

There are two types of logs within the context of a VPN service:

  • Browsing Logs:

Browsing logs are extremely personal and private to users, which are not maintained at PureVPN.

Our No Log policy directly complements our commitment to the basic human right to privacy.

  • Network Logs
    (Also known as Troubleshooting, Maintenance, Speed, or Connectivity Logs).

Network logs, on the other hand, are created and maintained to troubleshoot and optimize a service. These logs contain no traces of browsing habits or other private user activities. These logs, among other system logs such as bandwidth consumed, contain mostly the user timestamps.

What Is A Timestamp?

When speaking of networking logs, you will often notice mention of timestamps; timestamps associate with IP address, connection initiation and disconnection from the VPN providers servers.

Do Network Logs Expose You?

The answer is no. It is such by design. They simply can’t.

If we were to say that the entire picture is a glimpse of what you were doing online, network logs maintained by PureVPN make up no picture by themselves. They are just random numbers and reveal nothing. If a user intentionally indulges in attacking, hacking, abusing, threatening or other similar unanimously unethical activities (as also detailed in our Terms of Service) the victim (any organization providing a service online) of such attacks would then identify these instances in their network logs. If someone indulges in such activities and if an official complaint is filed, authorities then reach out to us with a valid court order or subpoena (in some cases alleged victims or authorities directly themselves) providing us the counterpart network logs from the attacked service’s servers.

Just to reiterate, we absolutely, under no circumstances, monitor, collect or share information related to browser activities or browsing habits.

Still Confused?

Think of it like this: A network log is automatically generated every time a user visits a website. For the sake of this example, let’s say a user logged into their Gmail account. Every time they accessed Gmail, the email provider created a network log.

If you are using a VPN, Gmail’s network log would contain the IP provided by PureVPN. This is one half of the picture. Now, if someone asks Google who accessed the user’s account, Google would state that whoever was using this IP, accessed the account. If the user was connected to PureVPN, it would be a PureVPN IP.

The person or organization inquiring about the user’s account will then trace the IP back to data centers where the VPN provider’s servers are hosted. The data center will point them to the VPN provider and trail finally leads to the VPN provider. The inquirer would then share timestamps and network logs acquired from Google and ask them to be compared with the network logs maintained by the VPN provider.

Now, depending on the VPN provider’s policy, they might ask for a warrant or subpoena before sharing information with whoever is asking. The information shared by the VPN provider will be a timestamp, containing the information about when an IP connected to which server and the non-VPN IP of the user. This correlation and the comparison of two network logs, maintained by two independent organizations leads to the possible path towards confirmation.

TLDR; to confirm someone’s real IP, two different set of Network Logs are required: one from the VPN provider and the other from the server where the IP visited, browsed or downloaded something. Any one set of Network Logs on its own is pretty much useless since it contains no valuable information. The two must be compared and verified for any link to be confirmed.

PureVPN Protecting Against Surveillance Programs Like PRISM

Unlike organizations who are legally bound to the laws of and mass surveillance programs in US, UK, Canada, Australia and similar regimes, PureVPN helps avoid jurisdictions affected by the infamous mass surveillance programs like PRISM, ECHELON, XKeyscore, Tempora and others. Keeping this in mind:

Do you think VPN Providers and other organizations based in any of those affected jurisdictions can really live upto their so-called Zero-Log policy?

In order to obtain the network logs from our end, any law enforcement agency must come to us through the consumer privacy-friendly, non-spying jurisdiction of Hong Kong. In order for the case to be considered and acted upon, any charges or allegations must be in accordance with the laws of Hong Kong. Since Hong Kong is not part of any of those infamous surveillance programs those requests will simply be blocked even before it reaches us.

Continue To Trust Us With Your Privacy, Trust Us To Make The Right Call

PureVPN did not breach its Privacy Policy and certainly did not breach your trust. NO browsing logs, browsing habits or anything else was, or ever will be shared. Your trust is our primary consideration, and as our user, you can rely on us to continually take actions that protect you from unwanted intrusions into your privacy, regardless of where they may originate.

Please don’t hesitate to contact us with any further questions or concerns, and we look forward to provide you with the same level of service that you have come to expect from your trusted partner in privacy.

PureVPN is a leading VPN service provider that excels in providing easy solutions for online privacy and security. With 750+ servers in 141 countries, PureVPN helps consumers and businesses in keeping their online identity secured.

25 Comments

  1. Anonymous says:

    comparing this to other policies. as a torrent enthusiast… do i have something to worry about

    • Torrents says:

      Not until the authorities have the will to arm-twist VPN providers like PureVPN for info. If you’re a PureVPN user, you’re protected because there isn’t enough political will to catch you and not because you use PureVPN.

  2. Alex says:

    can someone correct me if i’m wrong. but it sounds like they are saying that the logs they maintain are not doing any harm… not sure if i buy this but based on what they’ve written it kind of does make sense.

    • Dave says:

      all this is already in their policy. “We therefore have no record of your activities such as which software you used, which websites you visited, what content you downloaded, which apps you used, etc. after you connected to any of our servers. Our servers automatically record the time at which you connect to any of our servers.”… was i the only one that read their terms and conditions

  3. Michelle says:

    bet that girl and her family are grateful. as a customer, im glad you finally spoke out

    • Edward says:

      thinks purevpn does what they has to does… they make difference and help in arrest. not like somebody can say they do this too. they help all criminal all bads

  4. John says:

    this is a start… atleast you accepted that you’re logging.

    • Harry says:

      everyone logs. not surprised. atleast they aren’t in the US. and no business in their right mind would share logs without a valid reason.

  5. Jeff says:

    alright so this is a little worrying. just googled this echeolon and tempora and prism thingy… kind of bummed that they keep logs but better them then a US provider…

  6. Angus says:

    it raises more questions for me. I was a customer earlier but now i’m questioning my current provider too. they have a valid point for the ones based in the US n other countries. seeing how they are part of the 14 eye theory, being in Hong Kong would probably be beneficial

  7. Martin says:

    Thanks for taking the time to put PureVPNs position forward and clarifying the events and your position.

    As a long time subscriber, my main query is around the “being Hong Kong based” argument.

    As Hong Kong falls under Chinese control, after hand over from the UK, what is China’s policy on surveillance and how might this change as Chinese influence increases?

    Thanks and regards,

    Martin.

  8. Anonymous says:

    I’m sure most users would prefer that Network logs identifying their original IP addresses not be kept at all, and definitely the information should be overwritten/ wiped the instant the user terminates a session?

  9. Anonymous says:

    for how long you keep those logs?

  10. Peter Yoanidis says:

    I salute you. My belief is if you are physically, financially and or emotionally causing real harm to an individual via internet (stocking), let justice rain hard on that individual. I also believe terrorist organizations need to be exposed to law enforcement as well.
    This means we loose some freedoms but if it saves innocent lives it’s all worth it.

  11. Anne says:

    Awesome that is so good to know cause i have been hacked in the past and it truly sucks i got off of facebook and instagram because of it and thanks again for everything

  12. Jerzy says:

    I respect your data protection policy.

  13. Greg says:

    I,m OK with how this was handled ,Thanks

  14. Anonymous says:

    I’m privacy conscious, yes, hence I use your system. However; i’m also law abiding, and law supporting. I congratulate you on assisting law enforcement in this or other similarly significant investigations.

  15. Ivan says:

    Thank you for protecting us, PureVPN! ❤️

  16. Max says:

    If your policy really lives up to your claims, I must say I’m very happy with them. IP addresses and time stamps should be enough to pin a stalker or criminal, but this requires 3 parties’ cooperation: VPN provider, ISP and legal authorities. If PureVPN really only discloses IP logs upon a rightfully formulated subpoena, honest users shouldn’t feel threatened and prosecuting criminals is something we should be all glad about. There’s one point VPN providers often intentionally aren’t very clear about and this would be a concern for honest users as well. Besides the fact that you keep IP logs with time stamps (nevertheless not logging URLs), does PureVPN log DNS metadata?

  17. Mr H says:

    I request your company to delete my network log from your system please.
    Thanks

  18. Galil says:

    Why are your logs doesn’t automatically deleted after a time frame, lets say a week??

  19. Howie says:

    Hey
    PureVpn has worked out so far for me and my family. Thanks for the bulletin. Have a grate day Hong Kong
    H

Join 1 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.

Shares