NordVPN updated their transparency reports to share:
"In October 2024, NordVPN received a binding warrant from the Panamanian prosecutor’s office related to a criminal investigation. We had to comply with the law and provide the requested user data.
We want to clarify that according to our privacy policy, the only info we could provide was payment-related data and confirmation about the account linked to the email given to us by the authorities. We do not keep any logs of internet activity or connection details. So, we had no such data to share.
Your security and privacy are our main focus."
and
“Orders that led to any user information shared: 1”
They previously claimed to “never log user activity unless ordered by a court”. I thought everyone should know that they might have started logging.
Every legit provider does this.
As a user, you are not more important than the income you bring in.
Ignoring a court order can cost them more than what you contribute as a client.
These providers are mainly useful for ‘illegal’ downloads and masking your IP when visiting questionable sites.
Courts aren’t usually after torrent or streaming clients since it’s too costly.
Whistleblowers shouldn’t use these services either, they could be high targets.
(Smart) terrorists wouldn’t use these either, since they know about middleman flaws.
If someone plans to harm a president or attack a stadium, they will get caught, and everything will be handed to investigators.
@Alden
They’ve said before that they don’t log unless ordered by a court. I mean it makes sense. I’m not saying they shouldn’t. Just letting folks know that they disclosed user info for the first time and might have been ordered to log that user. Just a heads-up in case people missed the updated report.
Just letting folks know that they disclosed user info for the first time
No, it’s not the first time. I can guarantee it.
This is only the first time they posted a full transparency report. They didn’t share this info before September last month. They have faced criticism for not publishing one. They never said if they did before, and you can’t prove they didn’t. They are too big to not have done so before this.
@Benn
Sorry but I can’t follow this. Either log or don’t log. Not logging ‘unless ordered by a court’ doesn’t make sense to me. If they don’t log and a court asks for something, how can they start logging then? It doesn’t add up.
They all log, even if they say they don’t. They are logging identifiers for every account. Why use a regular email for your login? Make a temporary email account for sign-up.
Baer said:
They all log, even if they say they don’t. They are logging identifiers for every account. Why use a regular email for your login? Make a temporary email account for sign-up.
Many VPNs have proven in court that they don’t log.
@Ellis
Talking about ‘logging’ usually doesn’t lead anywhere productive, in my opinion. Everyone has different ideas about what logging means. Just skip it.
It’s good to see they still don’t log activity, but the fact they had to disclose something makes me cautious. A reminder to stay aware of what ‘no-logs’ really means.
Keller said:
It’s good to see they still don’t log activity, but the fact they had to disclose something makes me cautious. A reminder to stay aware of what ‘no-logs’ really means.
but the fact they had to disclose something makes me cautious.
Do you think they would ignore a valid court order?
Every VPN shares this same info when they get a valid legal request. Check the transparency report for any VPN that actually shares this info.
Mullvad claims they don’t need to, which hides how often it’s asked for, etc.
Billing info and account email (what they provided) is about the least any subscription service can keep and still work. This applies to VPNs too.
PhilosophyTube’s latest video talks a lot about surveillance capitalism and goes into the info gathered by the streaming service she partly owns; it’s quite interesting.
I was thinking about using them.