Sunday 30 April 2017
We have a well-documented, proactive stance on cyberstalking. Several organizations have appreciated and applauded our stance in the recent past, which is a source of pride for us. Having said that, a recent cyber stalking incident was extensively reported in leading tech publications, where a certain individual was arrested on suspicion of masterminding a cyberstalking campaign against a young woman and her family.
Despite the actions of the accused, fingers pointed towards PureVPN for all the wrong reasons. To avoid further confusion for our customers, and to prevent a skewed and false portrayal of PureVPN, we believe now is the right time to initiate communications. As a VPN provider, PureVPN was unfortunately dragged into this incident because of a lack of clarity on network logging mechanisms implemented throughout the industry.
It’s important to clarify important technical terminologies before moving forward. Doing so will help us address the terms that might come across as confusing or at times, too broad. There are two types of logs within the context of a VPN service:
When speaking of networking logs, you will often notice mention of timestamps; timestamps associate with IP address, connection initiation and disconnection from the VPN providers servers.
The answer is no. It is such by design. They simply can’t.
If I were to say that the entire picture is a glimpse of what you were doing online, network logs maintained by PureVPN make up no picture by themselves. They are just random numbers and reveal nothing. If a user intentionally indulges in attacking, hacking, abusing, threatening or other similar unanimously unethical activities (as also detailed in our Terms of Service) the victim (any organization providing a service online) of such attacks would then identify these instances in their network logs. If someone indulges in such activities and if an official complaint is filed, authorities then reach out to us with a valid court order or subpoena (in some cases alleged victims or authorities directly themselves) providing us the counterpart network logs from the attacked service’s servers.
Just to reiterate, we absolutely, under no circumstances, monitor, collect or share information related to browser activities or browsing habits.
Think of it like this: A network log is automatically generated every time a user visits a website. For the sake of this example, let’s say a user logged into their Gmail account. Every time they accessed Gmail, the email provider created a network log.
TLDR; to confirm someone’s real IP, two different set of Network Logs are required: one from the VPN provider and the other from the server where the IP visited, browsed or downloaded something. Any one set of Network Logs on its own is pretty much useless since it contains no valuable information. The two must be compared and verified for any link to be confirmed.
Unlike organizations who are legally bound to the laws of and mass surveillance programs in US, UK, Canada, Australia and similar regimes, PureVPN helps avoid jurisdictions affected by the infamous mass surveillance programs like PRISM, ECHELON, XKeyscore, Tempora and others. Keeping this in mind:
Do you think VPN Providers and other organizations based in any of those affected jurisdictions can really live upto their so-called Zero-Log policy?
In order to obtain the network logs from our end, any law enforcement agency must come to us through the consumer privacy-friendly, non-spying jurisdiction of Hong Kong. In order for the case to be considered and acted upon, any charges or allegations must be in accordance with the laws of Hong Kong. Since Hong Kong is not part of any of those infamous surveillance programs those requests will simply be blocked even before it reaches us.
Tails-news: donation campaign for 2019 begins today. Every day, Tails helps thousands of people to safely use their computers online and offline. Tails is available for (...)
Warning – Numerous VPN service providers assure not to keep users’ log files of their connections and it is generally false! Many VPN services that promise anonymity for (...)
Your data is YOUR data! eelo in short. eelo recognises the need shared by everyone for better data privacy. The eelo project will provide an alternative mobile operating (...)
34c3 - Ethics, Society & Politics - Chaos Computer Club.Uncovering British spies’ web of sockpuppet social media personas. A secret British spy unit created to mount cyber (...)