Friday, September 30, 2022
HomeVPNNon-public Web Entry No Logs Coverage Reviewed by Impartial Agency

Non-public Web Entry No Logs Coverage Reviewed by Impartial Agency

Blog post banner 1

Our dedication to on-line privateness stands on the core of our service – we function below a 100% transparency credo. That mentioned, we all know VPN use is tied to belief. We all know reviewers and journalists have usually talked about our US headquarters as a priority. We’re right here to say that we’ve all the time abided by our hermetic No Logs coverage. We’ve by no means retained any metadata, and we’ve by no means had any knowledge to share with the authorities. 

However we’re an organization that wishes our actions to talk for us. We don’t need you to take our No Logs guarantees at face worth. Similar to we’re clear with our supply code and common Transparency Experiences, we intention to be trustworthy with our infrastructure too. Due to this, Non-public Web Entry underwent an unbiased audit to evaluation our No Logs coverage

Deloitte, one of many Large 4 auditing corporations, reviewed our server surroundings and located that we retailer no logs and no particulars that could possibly be used to determine our customers or pinpoint their actions.

How Did Deloitte Check PIA’s Infrastructure?

We invited Deloitte Audit Romania to evaluation our VPN server community and administration techniques and to look at how we preserve a zero-log VPN service, to be able to verify that server configurations align with inside privateness insurance policies, and should not designed to determine customers or pinpoint their actions. As a part of this assurance engagement venture, Deloitte inspected our server configuration and examined how we preserve a zero-log VPN service. The auditing agency discovered that server configurations align as of June 30, 2022 with inside privateness insurance policies and should not designed to determine customers or pinpoint their actions.

The audit has been performed in accordance with the Worldwide Normal on Assurance Engagements 3000 (Revised) relevant to Assurance Engagements Different Than Audits or Critiques of Historic Monetary Data (ISAE 3000 (Revised)) established by the Worldwide Auditing and Assurance Requirements Board (“IAASB”) and needs to be learn in full.

What Does This Imply for Our Clients?

To place it merely, there may be no hint of your exercise on our servers. It is because our VPN service runs on RAM-only servers. These servers boot on a read-only picture and use RAM modules, versus laborious disks. Arduous disks are historically used as storage, whereas a RAM-only surroundings is extra risky. We additionally configured our servers to routinely reboot. With each reboot or energy outage, all knowledge is instantly deleted.

We designed our community structure particularly to stop knowledge retention. We now have no person knowledge, and we will’t be compelled to share info on our customers – actually, the US authorities can’t pressure US-based VPN suppliers to violate a zero-log coverage due to shopper safety legal guidelines.

Moreover, now we have safety techniques in place to make sure third-party entities can’t pressure their method into our community. A method we do that is by disabling all error logs and debug info. If we ever require error logs for growth functions, we create a wholly new visitors server inside an remoted surroundings. Regardless of potential drawbacks to our creating and debugging processes, it’s a suitable trade-off to securing person knowledge.

Even our Devoted IP service is constructed as a token-based system to stop any affiliation with a selected person. This token is simply saved within the consumer, which isn’t sufficient for a server-side affiliation.

This No Logs Audit Is One other Milestone for PIA

We’ve all the time stayed true to our dedication to on-line privateness. We’ve all the time advocated for digital freedom and anonymity. This Deloitte audit is simply one other milestone in our journey as privateness activists, however it’s not the primary time our No Logs coverage has been scrutinized. PIA is among the few VPN suppliers to have confirmed their zero-log service in court docket. We had been subpoenaed a number of occasions for logs, and every time we had no knowledge to share.

We’re trustworthy and clear with our customers, and we don’t reduce any corners with the VPN service we provide. PIA is among the few VPN suppliers providing 100% open-source VPN apps, regardless of this not being an trade normal apply. Our code is out there for anybody to examine and analyze. 

We’re additionally open with any adjustments to our server infrastructure and preserve our customers knowledgeable. Just lately, in mild of India’s No. 20(3)/2022-CERT-In directive, we’ve pulled out our Mumbai servers and changed them with digital server places. We made this determination to avoid obligatory logging legal guidelines, as we refuse to compromise our service and No Logs dedication. 

Again dwelling within the US, we’ve launched our 50 Servers in 50 States marketing campaign. Sadly, state and federal legal guidelines are nonetheless enjoying catch-up with cybercrime, so we’ve taken it upon ourselves to assist Individuals shield their on-line privateness and safe their visitors from malicious actors.

Extra updates to our infrastructure are coming quickly, as we’re present process in depth {hardware} optimization. For instance, we’re slowly transitioning our fleet to colocated servers to supply elevated safety measures, higher VPN speeds, and extra dependable connections. This additionally means we’re investing in and managing extra of our personal next-generation servers.

We’ve all the time put our customers’ privateness and digital security on the forefront of our service, and we’re grateful for the customers who put their belief in us. We’ll by no means break that belief, and we’re holding true to our dedication to deliver extra transparency to the trade. We’re open to future unbiased audits and also will be updating our Transparency Report editions on a extra common foundation all year long.

Select PIA for High-High quality Safety and On-line Privateness

We’re long-time advocates for digital privateness and cybersecurity within the US, and now now we have an unbiased audit that attests to our No Log VPN service. We provide the strongest knowledge safety software program doable, and our VPN on-line protect is essential to protecting your info secure on this digital age. It doesn’t matter for those who want a Home windows, macOS, iOS, Android, or Chrome VPN, PIA protects as much as 10 of your units concurrently.

We are able to unequivocally state that we don’t retailer any person exercise log or metadata. And we wouldn’t have it another method.

We take our No Logs coverage severely, and this audit will not be our ultimate endeavor. Sooner or later, we’ll proceed to be clear with the safety safeguards we put in place for our customers. 

VPN Service



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments