When you use a VPN service, your internet service provider (and other users on the network) can only see that you are connected to a VPN service. They can't see what sites you're visiting, or what you're doing there.
However, the VPN service itself can see everything that your ISP would normally see, which means you need to have trust in the VPN service that it will treat that information as private, and protect it accordingly. This is where the issue of VPN "logs" comes into play, and it's one of the key factors when choosing a VPN service.
What VPN Logs Actually Are
You'll see that VPN services are often marketed as "no logs" or otherwise make positive noises about their logging practices, but what's a VPN "log" in the first place? As the name suggests, a log is a record of some type.
The VPN server you connect to might keep a record of your activities and save it in a way that can be traced back to you personally. Generally, there are three types of logs a VPN service is likely to keep:
- Connection logs keep a record of when you connected, what your IP address was, and perhaps device identifiers that can be seen via your browser or network hardware.
- Usage logs are records of what you did while using the VPN. This includes what websites you visit and which files you download.
- Metadata logs are other aspects of your use, such as how long your session lasted, how much bandwidth you used, and which specific VPN servers you connected to.
VPN services usually have a public logging policy, to inform you how your data will be used:
- No-logs VPNs say that they don't keep records. Some claim to never even write those logs to disk, keeping them only in RAM while your session is active, so they can't be recovered once they're gone. However, it's important to check if a no-logs provider has undergone an independent audit.
- Minimal logs VPNs usually have logging policies where only some data is kept, usually temporarily, in order to do performance analytics or troubleshooting. However, these logs might be recoverable even after deletion, depending on how that data is stored and erased.
- Full logs VPNs keep all the data and make it easy to tie it all to you specifically. This is usually how your employer's VPN works, so remember to disconnect from it before doing your own personal browsing!
So why does it even matter? Well, even if the VPN service itself doesn't intend to use your data in a way that can hurt your privacy, in some countries they may be legally compelled to hand over those logs to a judge who orders it. Likewise, the VPN service itself might be hacked, and if the data was never stored, a hacker cannot steal it.
How VPN Providers Use Logs
I touched on this briefly, but there are a few legitimate reasons a VPN should keep logs, if only temporarily. Monitoring performance and detecting problems is a key one. If the VPN provider has no way to trace where and when a problem started, it's going to have a pretty hard time fixing that issue. You also need some form of logging to detect malware attacks, spam, and network abuse, although temporary logging is enough for this in most cases.
One reason you need to pay attention to where your VPN is based is that legal obligations differ from country to country. Some countries require that a VPN keep detailed user logs for a certain amount of time, so that the government can request them with justification. VPNs based in countries that don't enforce logging usually say so prominently as part of their marketing.
On the darker side of things, some VPN providers (especially "free" VPNs) can use your data to make money, by selling it to advertisers or otherwise using it for marketing purposes. Of course, this follows the same anonymization and aggregation as all the other types of services (like social media) we already use. Though perhaps that doesn't make it any better.
What VPNs Can’t See
VPNs can't see anything more about your internet activity than your ISP can. In other words, they can't see the content of encrypted sites, which is pretty much all websites these days. The VPN also can't see anything on your computer, like local files, unless there's a VPN client app that's doing something goofy. But none of that information goes through the actual VPN tunnel.
The VPN also doesn't know who you are unless you give that information to them, or use a payment method that's directly linked to your identity. However, most people who use VPNs do in fact give their real names, primary email addresses, and mainstream payment methods. If you want to stay anonymous, you'll need to look for a VPN service that will, for example, accept cryptocurrency and use a burner email account.
How to Pick a VPN That Actually Protects You
To wrap it all up, let's summarize the key things you should look for in a VPN if you're worried about your browsing activity being linked to you:
- Look for a no-logs VPN that has been independently audited.
- Make sure it's based in a jurisdiction that doesn't require logging and can't compel logs to be handed over to authorities.
- Look for open-source technology and transparency. Open-source clients, public security audits, and RAM-only servers are all signs a VPN is serious about privacy.
However, have realistic expectations. VPNs aren't magic tools that will make your internet activities invisible. If you want a VPN so that you can do something that's illegal, it's better to just refrain from breaking the law!
This article was produced in partnership with NordVPN.
