Torrentfreak recently released their 2015 report on VPN services. Their survey asks the following questions to a number of VPN providers:
- Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?
- Under what jurisdiction(s) does your company operate?
- What tools are used to monitor and mitigate abuse of your service?
- Do you use any external email providers (e.g. Google Apps) or support tools ( e.g Live support, Zendesk) that hold information provided by users?
- In the event you receive a DMCA takedown notice or European equivalent, how are these handled?
- What steps are taken when a valid court order requires your company to identify an active user of your service? Has this ever happened?
- Does your company have a warrant canary or a similar solution to alert customers to gag orders?
- Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?
- Which payment systems do you use and how are these linked to individual user accounts?
- What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as â€œkill switchesâ€ if a connection drops and DNS leak protection?
- Do you use your own DNS servers? (if not, which servers do you use?)
- Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Where are your servers located?
The answers provided should give their readers a good sense of which VPN services are more likely to keep their customers' identities anonymous.