A 24-year-old Massachusetts man named as Ryan Lin has been arrested in a Cyberstalking case which in part was brought after one of the largest VPN providers, PureVPN handed over information that linked Lin to his alleged crimes.
VPN services are used by those wanting to protect their online privacy. Often to thwart unnecessary government snooping but also protecting from 3rd parties invading their privacy.
The recent arrest will surprise many as it is assumed that a VPN is a catch-all protection device which should, in theory, block any type of criminal investigation linking defendants to their alleged crimes.
It appears not to be the case for 24-year old Lin who is facing up to 5-years in prison should he be convicted.
In court documents unveiled at the United States District Court for the District of Massachusetts, Lin is accused of using various methods to stalk a former roommate, Jennifer Smith.
As well as releasing Smith's personal details online known as “doxing” Lin is accused of accessing her cloud accounts and releasing sexually suggestive images purporting to be Smith. Lin further sent excerpts of Smith's personal diary to her friends and family causing an untold amount of grief and angst for both Smith and her family.
Most interestingly in the case is the mention that Lin employed the use of services to hide his online activity including Tor, VPN services and Protonmail.
PureVPN involvement worrying
What will come as a shock to most is the involvement of PureVPN, a Hong Kong registered VPN provider operated out of Pakistan in a US law enforcement case.
Being one of the largest and well known names, PureVPN is used by hundreds of thousands of users around the world and it is without question that the service will be used by a few suspicious characters such as Lin.
What will surprise most is that it appears logs or information handed over by PureVPN culminated in Lin being linked to his online activities, something which a VPN is supposed to protect against.
Excerpts from the case documentation unveiled at the court state “Further, records from PureVPN show that the same email accounts–Lin's gmail account and the teleportfx gmail account–were accessed from the same WANSecurity IP Address.”
Which also goes on to say “Significantly, PureVPN was able to determine that their service was accessed by the same customer from two originating IP addresses”.
Logs or no logs
Most users choose services that store “no logs” but by “no logs” most services mean they store no logs of the user activity but often store time stamp logs that show when a user connected, disconnected and how much data was transferred.
When this is coupled with logs of what home IP address they connected from and what VPN IP address they were assigned it is easy to connect the dots of any services that were accessed between that time.
This is especially true when a user is assigned a specific VPN IP Address which no other user is also utilising, also known as a dedicated IP Address as opposed to the more secure Shared IP address form.
PureVPN has recently redesigned their website which doesn't make privacy policies or information on logging practises instantly clear, however, under their “Why PureVPN” section they state “We practice Zero Log policy that means we do not record your activities or what you do online”.
Too much expectation
VPN services are never recommended for breaking the law and recent revelations over the past few years involving HideMyAss, EarthVPN and now PureVPN show this to be the case.
While a VPN can certainly improve your online privacy and helps stop 3rd party companies and unnecessary government snooping it is evident it is never going to stop a criminal investigation of such seriousness as in the Lin case.
Most worryingly are the claims of privacy made by PureVPN will now be considered to be false and users wary of using a service that is confirmed as cooperating with law-enforcement.
While no legitimate VPN company can avoid cooperating with law enforcement there are those that used shared IP addresses and do not store details that could link user activity to their actions.
We reached out to PureVPN for comment on the case but as of yet we have received no response and will update this article accordingly should they reply.