What No-Logs Actually Means
A no-logs VPN claims it does not store records that could be used to identify what you did online or when you connected. The most meaningful interpretation: the VPN does not log IP addresses (yours or the server's), connection timestamps, session durations, DNS queries, or traffic content. If no such records exist, a court order to produce them yields nothing. This is the core privacy promise of a no-logs VPN.
What Most VPNs Do Log
Very few VPNs are truly zero-log. Most keep some operational data: total bandwidth used per account (for abuse detection and capacity planning), whether an account is currently connected (for device limits), and aggregate statistics about server load. These records are typically not linkable to specific browsing activity and are often deleted within hours or days. The distinction between 'no logs' (no identifying records) and 'no usage logs' (no record of sites visited) matters -- read the privacy policy carefully.
Verified vs. Claimed No-Logs
Many VPNs claim no-logs. Fewer have verified it. Verification comes in two forms: independent audit (a security firm reviews the VPN's systems and confirms the absence of logging infrastructure), and real-world proof (servers seized by authorities yielded no useful data). The gold standard is both. Mullvad: audited by Cure53 and by Assured AB; Swedish police raided a Mullvad data center in 2023 and left with nothing because there was nothing to take. ExpressVPN: Turkish authorities seized a server in 2017 investigating the Russian ambassador murder; the server contained no logs. ProtonVPN: multiple independent audits by SEC Consult. NordVPN: audited by Deloitte and PricewaterhouseCoopers.
RAM-Only Servers
Some VPNs have moved to diskless (RAM-only) servers. Since RAM is wiped on every reboot and contains no persistent storage, there is physically no disk to seize. ExpressVPN (TrustedServer), Mullvad, and ProtonVPN use RAM-only infrastructure for some or all servers. This is stronger than a software no-logs policy because it is a hardware guarantee -- even if someone gains physical access, there is nothing to read.
What to Check Before Choosing
Read the actual privacy policy, not the marketing summary. Look for: which data is collected (even temporarily), how long it is retained, whether it is linkable to individual users. Check whether an independent audit has been published (not just 'we have been audited' -- the actual report should be downloadable). Check whether the VPN has faced a real-world test (server seizure, court order) and what the result was. VPNs that have passed real-world tests under legal pressure are meaningfully more trustworthy than those whose no-logs policy is untested.