The main (and arguable sole) purpose of VPN is to ensure that its users remain anonymous when online. Governments (often under heavy pressure from well-funded anti-piracy lobbyists) like to know what their citizens there doing, and hence many of them are attempting to introduce wide ranging legislation aimed at spying on every internet users’ every online action. In the UK the proposed Communications Data Bill, otherwise known as the ‘snoopers charter’, and in the US the Cyber Intelligence Sharing and Protection Act (CISPA) are good examples of this.
While these wholesale assaults on the notions of privacy and freedom have yet to pass into law, other equally pernicious but less headline catching legislation has been enacted, such as the EU wide mandatory Data Retention Directive which states that all communications providers (including VPN companies) must keep logs of all users activities for a minimum of 12 months (and a maximum of 2 years).
In practice this directive has in some counties met with a great deal of resistance, and in Germany and the Czech Republic has been ruled unconstitutional by their courts. Other counties have been slow to comply (Sweden for example only fell into line in2012 and even then only accepted a 6 month minimum data retention period) while others, although accepting the legislation, have yet to push for its enforcement. In addition to this, while the law is in force in Luxemburg and the Netherlands, it has been ruled not applicable to VPN providers.
It is a simple fact that the only way a VPN provider can guarantee its users’ complete anonymity is if it keeps no records of their activities which they may later be required to hand over to the authorities or copyright infringement enforcers. If they have no records then there is nothing to hand over, and it is for this reason that we only recommend companies that keep no logs.
