What No-Logs Actually Means
A VPN no-logs policy means the provider claims not to store records of your browsing activity, connection timestamps, IP addresses, or DNS queries. The key word is 'claims' -- a privacy policy is a legal document, not a technical guarantee. What matters is whether the infrastructure is designed to make logging impossible even if the provider wanted to, and whether that design has been independently verified.
Types of Data a VPN Could Log
Connection logs (also called metadata logs): when you connected, from which IP address, to which server, for how long, and how much data was transferred. Activity logs: which websites you visited, what you downloaded. Aggregated statistics: anonymized data about server load, popular destinations, error rates -- most providers collect these even with a no-logs policy. A true no-logs policy means no connection logs and no activity logs. Aggregated statistics that cannot be linked to individuals are generally considered acceptable even by privacy advocates.
Why No-Logs Claims Are Difficult to Verify
The provider writes the privacy policy. They have every incentive to write favorable terms. Even if the policy is honest, the technical implementation matters: if connection logs are written to disk and deleted after 24 hours, a snapshot during that window would capture your data. The only ways to verify no-logs claims are: independent technical audits of server infrastructure, court cases or government requests that reveal what data was actually available, and warrant canaries (statements that are removed if a subpoena is received).
Which VPNs Have the Strongest Records
Mullvad: unique model -- no accounts, no email, payment by cash or cryptocurrency possible. Every connection is identified only by an account number. Multiple independent audits of infrastructure. ExpressVPN: has passed multiple audits; in 2017 Turkish authorities seized a server and found no useful logs -- a real-world test. NordVPN: regular independent audits by Deloitte and PwC of no-logs implementation. Proton VPN: run by the same organization as ProtonMail, with a Swiss legal framework that provides additional legal protections against data requests.
What Audits Actually Check
An independent audit of a VPN's no-logs policy checks: whether the server configuration prevents connection log storage, whether RAM-only servers are implemented as claimed, whether any data persists across reboots, and whether the app collects more data than the policy states. Audits do NOT check future behavior -- a provider that passes an audit today could change their practices tomorrow. Regular (annual) audits are more meaningful than a single historic audit.