The Best No Logs VPN Providers in 2018

  • Hide your IP and never have your internet activity recorded again.
  • Secure browsing with guaranteed online privacy
  • Access websites and apps securely from anywhere in the world
  • Stream TV shows in HD with super fast speeds
  • Free trials, exclusive prices, and money back guarantees

Editor's Choice 1. From $6.67 / month
BestVPN.com Score 9.9 out of 10
Visit Site   Read Review
2. From $3.99 / month
BestVPN.com Score 9.8 out of 10
Visit Site   Read Review
3. From $3.5 / month
BestVPN.com Score 9.5 out of 10
Visit Site   Read Review
4. From $2.73 / month
BestVPN.com Score 9.4 out of 10
Visit Site   Read Review
5. From $4.65 / month
BestVPN.com Score 9.2 out of 10
Visit Site   Read Review

VPNs are a flexible tool that are useful for many things, from watching US Netflix from abroad to defeating state censorship and protecting you from WiFi hackers.

Many people, however, use a VPN primarily to provide privacy while online, regardless of what they use the technology for on a day-to-day basis.

If you value privacy, then you want a no logs VPN. Unfortunately, this term is much abused by VPN services and is often misunderstood by customers. In this article, we examine what providers really mean when they say they 'keep no logs', and discuss why and when such claims can be trusted.

What are VPN logs?

To a large extent, the VPN provider simply replaces your ISP as a point of weakness. Instead of your ISP, your VPN provider can now see your non-HTTPS encrypted web traffic, which websites you visit, and which non-HTTPS web pages you visit.

This difference is that almost all VPN services promise to protect your privacy in ways that your ISP almost certainly does not. And to some extent, almost all respectable VPN services provide some level of protection. It is very bad for a VPN’s business reputation to cooperate with requests for customers’ data, be such requests from a government, police force, or copyright holder.

And if the VPN service is based in a different country or jurisdiction, forcing the provider to disclose information can be lengthy and expensive.

But it can be done, and no VPN provider’s staff will go to jail (or ruin their business) to protect a customer. If the data exists, a VPN provider can - in theory - be compelled to hand it over.

This means that the only way for a VPN service to guarantee the privacy of its users (which is, after all, many VPN services entire business model), is to store no information that can be handed over - even if it wants to or is somehow forced to.

This is why many VPN providers back up their privacy credentials by claiming to keep no logs. After all: it can’t hand over what it simply doesn’t have.

Unfortunately, there is a lot of confusion over what “no logs” really means, and many such claims are less than forthright on providers’ part.

Usage logs and connection logs

The logs a VPN can keep can basically be separated into what we term usage logs and connection logs.

  • Usage logs are the details of what you get up to on the internet, such as which websites you visit etc.
  • Connection logs are metadata logs. A full set of connection logs includes a timestamp of when you log in to a VPN server, when you log out, the IP address you log in from, your username, and how much bandwidth you use.

Unless you pay for the service anonymously in some way (for example using properly mixed Bitcoins), your username and/or IP address is usually associated with payment detail such your bank number or PayPal address.

If you're interested in seeing a list of VPNs that accept Bitcoins as a method of payment, take a look at our Best Bitcoin VPNs guide.

No VPN service that we know of, routinely keeps usage logs.

Many VPN services, though, do keep extensive connection logs. Why? Sometimes they are required to by the laws of the country they are based in, but even if not, many keep connection logs anyway.

Such logs make it much easier to run a VPN service - to locate and fix problems, to provide customer support and refunds, to measure performance, and to provide a smooth-running operation in general.

Although many VPN services claim to be a “zero log VPN,” they mean they keep no usage logs. But they often keep extensive connection logs.

Connection logs are dangerous

Consider the following situation: Bob does something on the internet that interests the police. The police know that something was done using IP address xxx. If Bob is not using a VPN then it is easy enough to find out that IP address xxx belongs to a particular ISP. The police then just ask that ISP which customer address xxx belongs to, and question Bob.

If Bob is using a VPN then the situation is more complicated. The police can easily find out that IP address xxx is not a private address, but belongs to a VPN server. They can then ask the VPN provider to simply hand over all data it has relating to that address, or force it to with a subpoena or court order.

If the provider keeps no logs at all, then it has nothing it can hand over that might help the police. If it keeps connection logs, however, the police can perform what is called a timing attack to identify Bob:

They ask the VPN provider to state which user or IP address used IP address xxx at the time the incident took place. If only one person was using IP address xxx at that time then the police can trace that IP through its ISP as normal.

Most VPN services, however, deliberately muddy the water by using shared IPs. This means many customers use the same out-facing IP at once.

If enough data points are available (other records of when and which IPs belonging to the VPN service were used), then statistical analysis can fairly easily uncover the Bob’s IP address. This is known as a traffic correlation attack.

If not enough data points are available (for example the police are investigating a single incident) then a traffic correlation attack will fail and the police will not be able to identify Bob.

However, if the police already suspect Bob and know his real IP address (from his ISP), the fact that he was using IP address xxx as the time of the incident may not constitute proof of anything, but it can provide powerful supporting evidence when building a case.

Logs E1527154618960

Real-time logs

All of which is not to say that VPNs are good at hiding criminal activity. They are not. Inherent to the nature of VPN technology is that logs are created in real-time. Someone monitoring a VPN server can always see the home IP addresses of all users, plus the IP addresses they visit for as long as they are connected.

A genuine no logs VPN company will simply discard this information as it is generated. Or sometimes, as soon as users disconnect from the service…. which takes into grey areas we’ll discuss in a minute. What is critical to understand here is that whether or not a VPN service routinely keeps logs, it can do so.

And if it can, then it might.

In the example above, let’s say the police subpoena the VPN provider to hand over all of its logs. The VPN provider must comply, but turns around and says “Here is everything we have... which is nothing, because we keep no logs. Sorry!”

The police can then issue another subpoena ordering the provider to start logging from here-on. If Bob is a regular customer and carries on doing whatever it is that interests the police, enough data points will soon be collected to identify him through a traffic collation attack.

Such subpoena’s and court orders are typically accompanied by a gag order, which prevents the VPN provider from warning Bob or other customers that it has been compromised. This is why some providers issue warrant canaries (see below).

What exactly is “no logs”?

Which, of course, brings us to the $64 million question: how can we define “no logs?” If a provider deletes all logs five minutes after a session ends, is it no logs? If a provider collects some aggregated usage statistics but nothing that can be used to identify its users, is it no logs? If a VPN provider associates a timestamp with each user account, but only keeps the most recent timestamp, is it no logs?

There are no definitive answers to these questions. If could be argued that only the strictest interpretation will do – only if all logs are sent to a /dev/null file (deleted) the instant they are generated can a provider be called “no logs”. This seems very unfair, however, on providers keep some minimal data, but not anything such as timestamps and IP addresses that can be used to identify users.

After all, the entire point of keeping no logs is to protect users’ privacy, so what is the point of being hard-line on providers who do not keep any logs that threaten (or present any realistic threat) to their users' privacy?

BestVPN.com therefore defines any VPN service that does not store information that can be used to identify its users (such as timestamps and IP addresses) for more than a few minutes after the connection has ended as a no logs VPN.

Privacy not anonymity

If your VPN provider always knows your real IP address and when you connect to its service, then you are not anonymous in any real sense of the word. This is why we much prefer to say that VPNs provide privacy, not anonymity.

If you are a whistleblower, journalist, political dissident, or other person in need of real anonymity you should use Tor instead.

So why all this faff about using a no logs VPN?

We expect any VPN that promises to protect your privacy to be able to do so with fair degree of robustness. And if a VPN keeps logs then any promises it makes to protect your privacy are simply not worth the digital paper they are printed on as it has no way to back up this claim.

We, therefore, consider a robust no-logs policy to be the mark of VPN provider that genuinely cares about its users’ privacy and has taken meaningful steps to protect it.

Account information

VPN services are commercial enterprises - their purpose is to make money. As such, they need to get paid! And to get paid they need to know who has paid for what, and when their subscription comes to an end.

So on top logs generated by the VPN server itself, every VPN service must keep some kind of account information. This information, however, does not need to compromise users’ privacy.

For example: A provider could maintain a simple list of usernames together with their expiry date. The usernames do not need to be associated with any email addresses, contact details, or other personally identifiable information. Once a username has expired it simply cannot be used to login to the service. There is no need to associate any online activity with that username.

If you are being pedantic you could argue that a log is being kept – a list of usernames and subscription expiry dates. However, the names on this list are not associated with an identifiable individual and are not associated with any activity while using the VPN (even when the VPN is being monitored in real-time).

We think that any VPN company using such a system could justifiably describe itself as keeping no logs.

Can we trust VPN providers?

This is the second $64 million question. The simple truth is that there is no cast-iron guarantee that a VPN provider is not outright lying about the logs it keeps. Choosing a VPN provider, therefore, comes down to a matter of trust.

So how do you know a provider can be trusted? Well… privacy orientated VPN providers have built their business models on promising privacy. If it becomes known that they failed to do this (for example by keeping logs even when they promised not to, and then being compelled to hand these over to the authorities), their businesses would be worthless.

They might also find themselves liable for legal action by their former customers!

Another point to consider is that the more logs a VPN company keeps, the weaker its position when it comes to handling legal demands. A no logs VPN provider can, on receipt of a National Security Letter, subpoena, or court order, honestly turn around and say, “sorry, we are happy to help in every way we can, but we have nothing to give you.”

This will put it in a much stronger position than a company that keeps logs and whose staff then have to decide between betraying their customers (and therefore destroying the reputation of their business) or facing legal action. Just remember that no VPN company staff member will be willing to go to jail to protect your privacy!

So keeping no logs is the safest thing (from a purely selfish standpoint) any company that is even half-way serious about privacy can do! But as we have already said, if you really require very high levels of true anonymity then use a Tor instead of a VPN.

What is certain is that a VPN will protect your privacy far better than your ISP will, without badly compromising your internet experience (as Tor will). You pay your money and you take your chances…

Server Logs

One of the benefits of using a VPN service is that you can bypass censorship and location-based blocks by connecting to servers around the world. With a couple of notable exceptions (IPVanish and VyprVPN, but VyprVPN keeps extensive logs), most of these servers will be hired from third-party server providers.

These server providers keep their own logs, and unlike privacy-focused VPN companies, will have no compunction against handing them over to the authorities when asked. So is this is a problem? Yes. But it can be heavily mitigated against.

For a start, any VPN provider worth its salt will protect its servers using full disk encryption on all drives.

Second, the data that that most server providers routinely log is high-level stuff required for the operation of the server center: overall data usage by servers, server uptime, and so forth. There is no reason to log the IPs of everyone who connects to their servers, and any good VPN service will be careful to partner with server providers who keep minimal such logs.

An adversary could monitor IP addresses that connect to the VPN server (or require the server center to so) in order to perform a traffic correlation attack. This is not a trivial task, however, and would constitute a highly targeted attack. And it is made more difficult if the VPN server is located in a different jurisdiction to the investigating authorities…

Servers

Conclusion

Using a VPN can provide a very high level of privacy on the internet, including a high level of resistance to mass government surveillance. And it does this with minimal impact on your internet experience.

A robust no-logs policy is the mark of a VPN service that respects its users’ privacy, so anyone using a VPN for privacy should pick a good “no logs VPN.” Just don’t expect any VPN to protect you if you commit a major crime or if you are Edward Snowden.

Editor's Choice 1. From $6.67 / month
BestVPN.com Score 9.9 out of 10
Visit Site   Read Review
2. From $3.99 / month
BestVPN.com Score 9.8 out of 10
Visit Site   Read Review
3. From $3.5 / month
BestVPN.com Score 9.5 out of 10
Visit Site   Read Review
4. From $2.73 / month
BestVPN.com Score 9.4 out of 10
Visit Site   Read Review
5. From $4.65 / month
BestVPN.com Score 9.2 out of 10
Visit Site   Read Review