NordVPN passes second privacy audit with flying colours

NordVPN No User Logs

NordVPN has subjected itself to a new independent audit which has confirmed that its claimed no user policy really does stand up to scrutiny.

The audit was carried out by PricewaterhouseCoopers AG (PwC) Switzerland, one of the so-called Big-4 accountancy and auditing firms.

It took place between the 20th and 28th May 2020 and involved an assessment of NordVPN’s standard servers, double-hop servers, obfuscated servers, and P2P servers.

What PwC said about NordVPN’s no user logs claims

As part of their audit, PwC inspected the logging criteria of all the relevant servers, the log files on a sample of servers, and the configuration of the servers.

They also checked the central service servers for all relevant NordVPN services and the logging configuration and stored information on NordVPN’s central databases.

According to PwC, they are confident that the analysis they carried out is more than sufficient to allow them to reach a conclusion about NordVPN’s no user logs policy.

And it’s good news for NordVPN and their users. PwC concluded that “nothing has come to our attention” that would lead them to question NordVPN’s claims to have a no user logs policy. In other words, they have given NordVPN’s privacy policy a clean bill of health.

This is not the first time that PwC has carried out an independent audit of NordVPN’s no user logs promise. Their first took place two years ago, in 2018, and reached a similar conclusion.

This means that, although PwC is at pains to stress their audit is only applicable for the time period they were assessing NordVPN, users can have plenty of confidence in NordVPN’s privacy policies.

Why Independent Audits matter

This is crucially important because the truth is that any VPN can claim to have a no user logs guarantee. Most users do not have the technical expertise or the access to verify these claims and so have no choice but to take them on trust.

By submitting themselves to an independent audit, VPN companies can prove to their users that the privacy claims they make, such as a no users logs guarantee, are actually verifiably true and not just hot air.

A number of top VPNs have already undergone such an audit. But NordVPN has led the way and, as far as we know, are the first to repeat the process to provide fresh peace of mind to their users.

As NordVPN’s head of public relations, Laura Tyrell, explains, this is of paramount importance to the company.

“Our commitment to transparency is absolutely paramount. With public anger at social injustice on the rise, privacy and protection of the freedom of speech remain our top priority. As a leader in the field, we feel responsible for setting the highest and lasting standards of no-log policies,” she explained.

The NordVPN evolution

Privacy audits are not the only way in which NordVPN is attempting to be more accountable to their users.

Last year, they commissioned independent auditor VerSprite to conduct a detailed security audit of all their apps.

They gave VerSprite full access to all their app coding and while the audit came back relatively clean, there were a few vulnerabilities that were identified which NordVPN quickly addressed. This is exactly the point of these audits and is precisely why NordVPN underwent such a process.

Last year they also launched a bug bounty programme. This is intended to encourage pro-security hackers to test NordVPN’s software and infrastructure for bugs and vulnerabilities which they then report this to NordVPN.

NordVPN rewards them for their efforts and gets to fix the vulnerabilities before a malicious hacker is able to take advantage of them.

It is a win-win situation for both parties, but the biggest winner of all is the NordVPN users. There are currently 12 million of them in total, all around the world, and these audits and schemes are part of NordVPN’s gradual evolution into one of the most dependable and trustworthy VPNs on the market.

They have also broadened the service they offer too with the addition of new tools like NordPass, a new-generation password manager, NordLocker, a powerful file encryption tool, and NordVPN Teams, a new VPN solution for businesses, freelancers, and teams.

This range of services along with their strong privacy protections, excellent encryption and security, a wide range of servers, and a myriad of different features, is one of the reasons why NordVPN is one of Editor’s Picks of the best VPNs on the market right now.

You can read our recent detailed NordVPN review of their service to find out more.

Author: David Spencer

Cyber-security & Technology Reporter, David, monitors everything going on in the privacy world. Fighting for a less restricted internet as a member of the VPNCompare team for over 7 years.

Away from writing, he enjoys reading and politics. He is currently learning Mandarin too... slowly.

Leave a Reply

Your email address will not be published. Required fields are marked *