Deloitte verifies NordVPN's no-logs claim


The audit firm has confirmed that NordVPN doesn’t store any incoming or outgoing traffic data.

“We do not know anything about our users' online activities while they are using our services,” NordVPN said.

It’s the fourth time the firm has completed an independent audit to confirm its no-logs statement. This means the company doesn’t track, collect, or share any user activity online.

NordVPN said Deloitte experts had access to NordVPN services from November 30 until December 7, 2023, and reviewed privacy-relevant configuration settings and procedures on Obfuscated, Double VPN, Standard VPN, Onion Over VPN (TOR), and P2P servers.

“We firmly believe that a no-logs policy should be an industry standard,” Marijus Briedis, CTO at NordVPN, is quoted in a press release.

While NordVPN does need specific user information like credentials and subscription status for a brief period of time, it doesn’t store any user and destination IP addresses, browsing history, or files downloaded, among other things. All communications between the user and the server are encrypted.

While a no-logs policy should be an industry standard, it is not. It’s quite often the case with free VPNs. While some logs are harmless and do not expose users, extensive data logging is dangerous.

Some VPN providers actually make money by logging data about their users' online activity and selling it to advertisers.