Some of the world's best-known VPN services keep user logs despite denying that they do so, TheBestVPN website has concluded.
Among the offenders (26 in total, out of 115 VPN providers surveyed) are PureVPN, HideMyAss, HotSpot Shield, VPN Unlimited and VyprVPN.
TheBestVPN, a VPN review and recommendation site, didn't break into each provider's network to deduce that the services were keeping logs. Instead, it simply read the fine print in each service's privacy policy, which in many cases contradicted the service's "no logs" statements.
"Bottom line, if you aren't doing anything illegal, you should be fine," wrote TheBestVPN reviewer John Mason. "But what's the point of having a VPN anyway? It's for keeping you fully private and anonymous."
MORE: Best VPN Services and Apps
PureVPN, for example, claims that at the top of its privacy policy page that "we do not monitor user activity nor do we keep any logs." Yet it goes on to admit on that same page that it logs each user's connection time and bandwidth and, by implication, Internet Protocol (IP) address.
It also collects each user's name and email address during the registration process, and, for users from certain countries, the user's phone number as well.
That may sound reasonable to a layman, but those details would be very valuable to law enforcement agencies or spies. You really don't want a VPN service matching up your name and address with logs of your activities.
Unfortunately, PureVPN has handed over such data to the FBI at least once. A recent cyberstalking criminal complaint in Massachusetts cited PureVPN logs of the defendant's online activities. You don't want to trust any VPN service that's known to have done that.
You could argue that a VPN service does need to know your IP address, the bandwidth you use and the connection time. That's true on a day-to-day basis, but it doesn't need to log that data for more than a few hours.
Compare PureVPN's approach to that of Mullvad, a hyper-private VPN service that doesn't ask for your name or a valid email address when you sign up on its website. The Mullvad site just spits out a random account number that you'll use as your username and password going forward.
If you don't want to generate the paper trail that a credit-card payment to Mullvad would entail, you can simply put cash in an envelope along with your account number and mail it to Mullvad's headquarters in Sweden.
Our top choice for VPN service, Private Internet Access, isn't quite as hardcore as Mullvad. It requires you to provide a valid email address during registration and doesn't take cash payments, although it will accept store gift cards and Bitcoin (the latter of which is not really anonymous).
Private Internet Access is also based in the U.S., which will scare off a lot of privacy diehards. But it's a lot faster than Mullvad or, indeed, any other VPN service we've reviewed.
The upshot is that you need to be very picky when choosing a VPN service. You're entrusting complete strangers, often half a world away, to guard your internet secrets. Make sure you read as much as you can about a particular service before you invest your money and your privacy with it.
Best VPN Services and Apps
Private Internet Access covers the basics of a VPN, and it does this well. For those who value the anonymity of the service it is a good choice, but it has less servers than some competitors, which gives us pause for thought.
Windscribe is a strong player in the VPN space, with a range of affordable plans, plus a free tier. Those who step up to one of the paid plans are rewarded with access to a much larger choice of servers, with additional features such as Windflix to facilitate Netflix streaming.
CyberGhost’s VPN offering is a good service, with affordable long term plans, and up to 7 connected devices. Misses for the service include the lower number of platforms supported, and the super short 24-hour trial period.
