By now most torrent users are well aware of the fact that pretty much every step they take on the Internet is logged or monitored. VPN services have become an important tool to counter this threat. TF asked the leading VPNs about their logging practices and other privacy sensitive policies.

To prevent their IP-addresses from being visible while torrenting, millions of torrent users have signed up to a VPN service. Using a VPN allows them to download anonymously and prevent snooping.

Unfortunately, not all VPN services are as anonymous as they claim, as several incidents have shown in the past.

In addition to confirming that torrent traffic is permitted, we asked several VPN services questions about logging practices, we also asked VPN pother privacy sensitive policies.

Below are the questions, followed by the responses from the VPN providers.

We don’t decide what the BEST VPN for torrents VPN is, but we give prospective users all info so they can make an informed decision. Some of the links in this article are affiliate links. That doesn’t cost you a penny extra but helps us keep the light on.

—

1. Do you keep ANY logs that would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?

2. Under what jurisdiction(s) does your company operate?

3. What tools are used to monitor and mitigate abuse of your service?

4. How do you handle DMCA notices and other takedown requests?

5. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?

6. Which payment systems do you use and how are these linked to individual user accounts?

7. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches” if a connection drops and DNS leak protection?

—

Torrent Friendly VPNs That keep No Logs

1. Do we keep logs? What is that? Seriously, we have a strict no-logs policy over our customers. The only information we keep is customers’ e-mail addresses which are needed for our service registration (we keep the e-mail addresses until the customer closes the account).

2. NordVPN is based out of Panama.

3. No tools are used to monitor our customers in any case. We are only able to see the servers’ load, which helps us optimize our service and provide the best possible Internet speed to our users.

4. When we receive any type of legal notices, we cannot do anything more than to ignore them, simply because they have no legal bearing to us. Since we are based in Panama, all legal notices have to be dealt with according to Panamanian laws first. Luckily they are very friendly to Internet users.

5. We do not restrict any BitTorrent or other file-sharing applications on most of our servers.

6. We accept payments via Bitcoin, Credit Card, PayPal, Banklink, Webmoney (Paysera). Bitcoin is the best payment option to maintain your anonymity as it has only the paid amount linked to the client. Users who purchase services via PayPal are linked with the usual information the seller can see about the buyer.

7. We have high anonymity solutions which we would like to recommend to everyone seeking real privacy. One of them is Double VPN. The traffic is routed through at least two hoops before it reaches the Internet. The connection is encrypted within two layers of cipher AES-256-CBC encryption. Another security solution – Tor over VPN. Firstly, the traffic is encrypted within NordVPN layer and later sent to the Tor network and exits to the Internet through one of the Tor exit relays. Both of these security solutions give a great encryption and anonymity combination. The benefit of using these solutions is that the chances of being tracked are eliminated. In addition, you are able to access .onion websites when connected to Tor over VPN. Furthermore, our regular servers have a strong encryption which is 2048bit SSL for OpenVPN protocol, AES-256bit for L2TP.

In addition to that, we have advanced security solutions, such as the “kill switch” and DNS leak protection which provide the maximum possible security level for our customers.

NordVPN user reviews

1. We do not log, period. This includes, but is not limited to, any traffic data, DNS data or meta (session) data. Privacy IS our policy.

2. We choose to operate in the US in order to provide no logging service, as there is no mandatory data retention law in the US. Additionally, our beloved clients are given access to some of the strongest consumer protection laws, and thus, are able to purchase with confidence.

3. We do not monitor our users, period. That said, we have a proprietary system in place to help mitigate abuse.

4. We have a proprietary system in place that allows us to comply in full with DMCA takedown notices without disrupting our users’ privacy. Because we do not log our users’ activities in order to protect and respect their privacy, we are unable to identify particular users that may be infringing the lawful copyrights of others.

5. We do not attempt to filter, monitor, censor or interfere in our users’ activity in any way, shape or form. BitTorrent is, by definition, allowed.

6. We utilize a variety of payment systems including, but not limited to, PayPal, Stripe, Amazon, Google, Bitcoin, Stellar, CashU, Ripple, Most Major Store Bought Gift card, PIA Gift cards (available in retail stores for “cash”), and more. We utilize a hashing system to keep track of payments and credit them properly while ensuring the strongest levels of privacy for our users.

7. The most secure VPN connection and encryption algorithm that we would recommend to our users would be our suite of AES-256, RSA 4096 and SHA1 or 256. However, AES-128 should still be considered quite safe. For users of Private Internet Access specifically, we offer addon tools to help ensure our beloved clients’ privacies including:

– Kill Switch : Ensures that traffic is only routed through the VPN such that if the VPN connection is unexpectedly terminated, the traffic would simply not be routed.

– IPv6 Leak Protection : Protects clients from websites which may include IPv6 embeds which could leak IPv6 IP information.

– DNS Leak Protection : This is built in and ensures that DNS requests are made through the VPN on a safe, private no-log DNS daemon.

– Shared IP System : We mix clients’ traffic with many clients’ traffic through the use of an anonymous shared-IP system ensuring that our users blend in with the crowd.

Private Internet Access website

1. We never keep traffic logs, and we also don’t keep any logs that might enable someone to match an IP and timestamp back to a user. We work entirely on the basis of shared IPs, meaning that a single IP does not track back to an individual user. For the purpose of improving network resource allocation, we record aggregate data-transfer amounts and choice of server location, neither of which are data points that can identify a specific user as part of an investigation.

2. We are incorporated in the British Virgin Islands and operate according to BVI laws.

3. We block outgoing connections to port 25 to prevent SMTP abuse, and we use firewall rules to prevent some types of DOS attacks.

4. There is nothing to take down, as we are not a content host. We maintain the anonymity of our customers and would not attempt to identify users on the basis of DMCA notices.

5. We allow BitTorrent and other file sharing traffic from all of our servers. We respect our customers’ freedom to use these services and their right to privacy from ISPs and other parties who attempt to monitor such traffic.

6. VISA, Mastercard, Paypal, American Express, Discover, JCB, Diners Club, Alipay, UnionPay, CashU, Webmoney, Yandex Money, Ukash, Giropay, Sofort, Maestro, Carte Bleue, Interac Online, Mint, FanaPay, OneCard, Tenpay, iDeal (we do store name and address as it relates to credit card billing information). And most importantly for privacy focused users, Bitcoin via BitPay.

The information you are required to submit varies with the payment method selected. With Bitcoin we require only an email address so we can communicate with you, and no other personally identifying information.

7. This depends on the platform, but most of our apps use OpenVPN by default, and that’s also our recommendation for best security. Some of our apps have DNS leak protection and maintain VPN routes even when a connection has unexpectedly dropped. We’re actively working on making these features more complete and easier for customers to understand what they do and when they’re active.

ExpressVPN reviews

()

1. No logs are kept whatsoever. TorGuard does not store any traffic logs or user session data on our network because since day one we engineered every aspect of the operation from the ground up, permitting us full control over the smallest details. In addition to a strict no logging policy we run a shared IP configuration that provides an added layer of anonymity to all users. With hundreds of active sessions sharing a single IP address at any given time it becomes impossible to back trace usage.

2. At the time of this writing our headquarters currently operates from the United States. Due to the lack of data retention laws in the US, our legal team has determined this location to be in the best interest of privacy for the time being. Although TorGuard’s HQ is in the US, we take the commitment to user privacy seriously and will uphold this obligation at all costs, even if it means transferring services or relocating company assets.

3. Our network team uses a combination of open source monitoring apps and custom developed tools to mitigate any ongoing abuse of our services. This allows us to closely monitor server load and uptime so we can pinpoint and resolve potential problems quickly. If abuse reports are received from an upstream provider, we block them in real-time by employing various levels of firewall rules to large blocks of servers. Should these methods fail, our team is quick to recycle entire IP blocks and re-deploy new servers as a last resort.

4. Because we do not host any content it is not possible for us to remove anything from a server. In the event a DMCA notice is received it is immediately processed by our abuse team. Due to our shared network configuration we are unable to forward any requests to a single user. In order to satisfy legal requirements from bandwidth providers we may temporarily block infringing protocols, ports, or IPs.

5. Yes, TorGuard was designed with the BitTorrent enthusiast in mind. P2P is allowed on all servers, although for best performance we suggest using locations that are optimized for torrents. Users can find these servers clearly labeled in our VPN software.

6. We currently accept over 200 different payment options through all forms of credit card, PayPal, Bitcoin, altcoins (e.g. dogecoin, litecoin + more), Paysafecard, Alipay, CashU, Gift Cards, and many other methods. No usage can be linked back to a billing account due to the fact that we maintain zero logs across our network.

7. For best security we advise clients to use OpenVPN connections only and for encryption use AES256 with 2048bit RSA. Additionally, TorGuard VPN offers “Stealth” protection against DPI (Deep Packet Inspection) interference from a nosey ISP so you can access the open web freely even from behind the Great Firewall of China. These options are available on select locations and offer excellent security due to the cryptography techniques used to obfuscate traffic. Our VPN software uses OpenVPN exclusively and features built in DNS leak protection, an App Killswitch, and a connection Killswitch. We have also just released a built in WebRTC leak block feature for Windows Vista/7/8 users.

TorGuard website

1. SlickVPN does not log any traffic nor session data of any kind.

2. We operate a complex business structure with multiple layers of Offshore Holding Companies, Subsidiary Holding Companies, and finally some Operating Companies to help protect our interests. We will not disclose the exact hierarchy of our corporate structures, but will say the main marketing entity for our business is based in the United States of America and an operational entity is based out of Nevis.

3. We do not monitor any customer’s activity in any way. We have chosen to disallow outgoing SMTP which helps mitigate SPAM issues.

4. If a valid DMCA complaint is received while the offending connection is still active, we stop the session and notify the active user of that session, otherwise we are unable to act on any complaint as we have no way of tracking down the user. It is important to note that we ALMOST NEVER receive a VALID DMCA complaint while a user is still in an active session.

5. Yes, all traffic is allowed.

6. We accept PayPal, Credit Cards, Bitcoin, Cash, and Money Orders. We keep user authentication and billing information on independent platforms. One platform is operated out of the United States of America and the other platform is operated out of Nevis. We offer the ability for the customer to permanently delete their payment information from our servers at any point. All customer data is automatically removed from our records shortly after the customer ceases being a paying member.

7. We recommend using OpenVPN if at all possible (available for Windows, Apple, Linux, iOS, Android) and it uses the AES-256-CBC algorithm for encryption.

Our Windows and Mac client incorporates IP and DNS leak protection which prevents DNS leaks and provides better protection than ordinary ‘kill-switches’. Our IP leak protection proactively keeps your IP from leaking to the internet. This was one of the first features we discussed internally when we were developing our network, it is a necessity for any good VPN provider.

Note: some of the providers listed in this article are TorrentFreak sponsors and some compensate us for referrals.