More people are now aware of their digital privacy, leading to an influx of netizens subscribing to VPN services around the world.

In the 1st quarter of 2018, netizens using a VPN grew by 18% in North America, 18% in Europe, 20% in the Middle East & Africa, 23% in Latina America, and 30% in the Asia Pacific.

Internet Users with VPN (2018 Statista)

However, one of the reasons why most people stop using VPN services is the lack of transparency. Not many providers in the marketplace are honest about their offerings.

Most avoid revealing details about their headquarters, owners, investors, the board of directors, warrant canaries/transparency reports, and auditing processes (if any).

Therefore, BestVPN.co created this “Transparent VPNs” guide, where you will gain all background info. I approached various VPN support teams via email, asking THEM invasive questions 😉

 

Are VPNs Really Keeping You Safe?

There is no doubt that VPNs are handy tools. They cloak your IP address, mask your location, and encrypt incoming/outgoing traffic, giving users a key to opening locked doors.

These VPN features are particularly true for users based in countries with tough internet laws, like Iran, Iraq, Turkey, China, Russia, UAE, and Egypt. Among these, some even ban Facebook, WhatsApp, Google, etc.

Many VoD services impose geo-limitations too. Not to mention, copyright infringement hunters are always on the lookout for those downloading pirated material via p2p/file sharing.

Using a VPN offers protection from these hunters, keeps you safe from prying eyes, allows you to unblock restricted content, and regain access to your favorite social media platforms/apps.

Some netizens even use them for accessing sites/files/services at work or for simply communicating with friends/family abroad, as shown in the VPN Usage Reasons study below.

Leading Motivations for VPN Usage (2018 Statista)

Things Do Get a Little Complicated Though!

Where there are positives, there are negatives too. I could tell you that VPNs offer complete safety to users, but that would be a lie. Think of using a VPN as your first step to leveraging digital privacy.

However, these services do come with their own set of complexities. When judging the “safety” of a VPN, quite a lot of factors come into play, urging users to enhance their knowledge.

For instance, a VPN service based in a 5, 9, or 14 Eyes Jurisdiction may not be the safest option, because of government-imposed mandatory Data Retention and Mass Surveillance laws.

Similarly, there are different “logging policies” for each provider. Where some may be logless, most may indulge in the recording of session/connection information.

Then, you have issues concerning WebRTC/DNS/IP address leaks and the usage of fake (virtual) locations, without providers being honest about them with customers/prospects.

Most importantly, VPN providers do not reveal basic information about their service, lacking the transparency necessary for users to trust their product.

Inquiring VPN Providers about Transparency via Email

The lack of transparency from providers urged me to contact them privately on email and learn more about different VPN services by asking them several invasive questions.

I wanted to see how most providers would respond with the tables turned. Instead of them asking us for information, I created a list of questions for them to answer.

Where some were comfortable sharing background details, others were selective on which questions they wanted to respond to, creating suspicion.

The questions included information about the company’s headquarters, its location, owners and investors behind the company, and board of directors. I further asked whether the VPN issued transparency reports or conducted a third party audit.

I emailed around 180+ providers when I was conducting my research for this VPN comparison guide. So far, I have received responses from 15 and only 3 providers are completely transparent:

  1. Perfect Privacy
  2. Hide. me
  3. CyberGhost

I will keep updating this list as I get more responses…

Perfect Privacy – Based in Switzerland and Founded in 2014

Where is your company headquarters? Could we get an address?

Our headquarters is in Switzerland. The exact address can be found in our imprint: https://www.perfect-privacy.com/en/imprint

Do you publish Transparency Reports/Warrant Canaries?

Yes, we publish Warrant Canary statements.

If yes, how often? A link to a URL or PDF file would be helpful!

Every month. Here is the link: https://www.perfect-privacy.com/en/warrant-canary. We do not publish regular transparency reports regarding.

In the case of official inquiries, we always kindly inform them that we do not have any data that we could disclose. You also don’t have to publish every DCMA request.

In case of server seizures, we inform you on our blog: https://www.perfect-privacy.com/en/blog/server-seizure-in-rotterdam

Have your claims been audited by an independent third-party security firm?

No, we do not need to audit our claims. Well, we sometimes see these audits with other providers, however, we can’t fight the feeling they are just marketing bullshit.

I mean, you lie to your customers, why not also lie with the audit? Why even do an audit? Just produce some nice PDF claiming some awesome audit.

Also, even with some legit audit, what stops any provider from just enabling logging and all shenanigans the moment the audit is over?

If not, why have you not been audited yet? Any reasons?

As I said: These no logging audits are not usable. We’ve been in business for over 10 years now, and there have been events like the one in Rotterdam. The scene knows that you can rely on us 100 percent.

Could we get some info on the owners behind the company?

We can confirm we are all humans, all located in Europe, and have known each other for many years because of shared interests in computer, security, hacking and activism.

Do you guys have any investors and is the information available publically for users?

In our business, it is very important to work independently. That’s why we work completely without investors. It’s not about growing fast either.

We want to offer a professional VPN service that provides the highest level of security. This is what the scene also appreciates about us.

Who are the Board of Directors of your company?

Damn, that will be so cool once we are Giant Corporation with a board of directors. Just Kidding, but seriously, there are no board of directors.

nVPN – Based in Bosnia and Founded in 2010

Where is your company headquarters? Could we get an address?

We don’t have such thing like an “official location” and therefore no address either. We are a group of four privacy enthusiasts most spread over the eastern European region in Bosnia, Ukraine, Poland, and Serbia.

Do you publish Transparency Reports/Warrant Canaries?

We are actually thinking about to do this soon, yes, but we don’t have such thing in place yet, but is planned for 2019 to make some kind of archive which every member can access and read our replies.

If there are no published transparency/clearance reports, what are the reasons?

There is no reason not to publish our replies and handlings, really, we don’t have anything to hide. As said above we will get this published and accessible to our members in 2019.

I can’t tell the exact date yet, since we have many other tasks on the to do list first (Implementation of WireGuard, full native IPv6 and release of our Linux and Mac OS client – next 2-6 weeks).

Have your claims been audited by an independent third-party security firm?

Me personally, i would have no problem to do this, the question is just how and which firm would do such audit and how, i mean how such an audit really looks like in the reality, which data they want to see database, server side.

I mean, the server side is no problem nothing interesting there anyways – but the customer database is another story we have customer emails there, so not sure which firm could do this who is trustable enough and how.

Why have you not been audited yet? Any reasons?

No reason against it, just unsure how this will be done and who is trusted enough to perform the audit.

Could we get some info on the owners behind the company?

We have no single owner, like stated above everyone and nobody owns nVPN.net we have four people.

Where two of them have Domain access only one of those has Database access rights, no owner exists here.

Do you guys have any investors and is the information available publically for users?

We have no investors at all, all is self-made, and self handled between the four people I’ve mentioned above.

Who are the Board of Directors of your company?

None.

Hide.Me – Based in Malaysia and Launched in 2012

Where is your company headquarters? Could we get an address?

We are incorporated in Malaysia, our company address is: eVenture Limited, Office 2.19, Lazenda Commercial Center, Federal Territory of Labuan, 87007 Malaysia. Registration Number: LL09685

Do you publish Transparency Reports/Warrant Canaries?

Yes, we do publish periodicity transparency report with the historical data.

If yes, how often? A link to a URL or PDF file would be helpful!

The last one was 2015, and the next one will be published in the next two or three weeks.

https://hide.me/en/blog/leon-juranic-certifies-hide-me-as-one-of-the-most-anonymous-vpn-provider/

Have your claims been audited by an independent third-party security firm?

Yes, we are one of the first VPN company that have been audited by an independent auditor/company.

If yes, when was your VPN service last audited? Could we get a link to a URL/PDF file?

https://hide.me/en/blog/leon-juranic-certifies-hide-me-as-one-of-the-most-anonymous-vpn-provider/

Could we get some info on the owners behind the company?

The company is entirely privately owned.

Do you guys have any investors and is the information available publically for users?

No, we do not have third-party investors.

Who are the Board of Directors of your company?

Director of the company is Sebastian Schaub.

CyberGhost VPN – Based in Romania and Launched in 2011

Where is your company headquarters? Could we get an address?

We’re in Bucharest, Romania, outside of the 5 Eyes, 9 Eyes, 14 Eyes alliance jurisdictions. Our details are here: https://www.cyberghostvpn.com/en_US/imprint

Do you publish Transparency Reports/Warrant Canaries?

Yes, we were the first ones in the VPN industry to publish a Transparency Report back in 2011. It’s a tradition we hold dear.

If yes, how often? A link to a URL or PDF file would be helpful!

Our yearly Transparency Report is here: https://www.cyberghostvpn.com/en_US/transparency-report

The numbers of legal request for Q1 2019 will soon be live on our Privacy Hub: https://www.cyberghostvpn.com/privacyhub/

Have your claims been audited by an independent third-party security firm?

No.

Why have you not been audited yet? Any reasons?

So far, we have been focused on building the best VPN for our users. But we plan on having our VPN audited in the future.

Could we get some info on the owners behind the company?

This is not common in the VPN industry, but all the details about us are public. Meet our team and our office dogs here: https://www.cyberghostvpn.com/en_US/team

More here: https://www.cyberghostvpn.com/en_US/transparency-report/about-us and here: https://www.instagram.com/cyberghost_private_life/?hl=en

Do you guys have any investors and is the information available publically for users?

We’re part of Kape. More details here: http://www.kape.com/about-us.html

Who are the Board of Directors of your company?

You can find all details here: http://investors.kape.com/board-of-directors

Hotspot Shield – Based in the USA and Launched in 2005

Where is your company headquarters? Could we get an address?

Our headquarters are in Redwood City CA. Address: 1800 Seaport Blvd Redwood City CA.

Do you publish Transparency Reports/Warrant Canaries?

Yes, we publish transparency reports. Because we do not collect information that allows us to trace Internet usage on our VPNs back to individual users.

We do not and cannot provide information to governments, law enforcement agencies, or other third parties about what websites our users visit when using our services.

Additionally, we cannot identify an individual user based on a public-facing IP address.

If yes, how often? A link to a URL or PDF file would be helpful!

Every year. Here is the link https://www.hotspotshield.com/reports/AnchorFree_Transparency_Report-2018.pdf

Have your claims been audited by an independent third-party security firm?

Yes. AVTEST

If yes, when was your VPN service last audited? Could we get a link to a URL/PDF file?

https://www.av-test.org/fileadmin/pdf/reports/AV-TEST_VPN_Trust_Report_August_2018_EN.pdf

Could we get some info on the owners behind the company?

You can find information about the team and board of directors on the Anchorfree site: https://www.anchorfree.com/team

Do you guys have any investors and is the information available publically for users?

You can find information about the team and board of directors on the Anchorfree site: https://www.anchorfree.com/team

Who are the Board of Directors of your company?

You can find information about the team and board of directors on the Anchorfree site: https://www.anchorfree.com/team/

VPNSecure – Based in Australia and Founded in 2010

Where is your company headquarters? Could we get an address?

Level 1/360 St Paul’s Terrace Fortitude Valley, Brisbane Queensland.

Do you publish Transparency Reports/Warrant Canaries?

Up until recently, we had a Warrant Canary published – however in Australia, Warrant Canaries are illegal now and we had to remove it.

We are in the process of moving the company to Hong Kong due to recent changes in the Australian law – once this move is completed we will re-publish the Warrant Canary

Have your claims been audited by an independent third-party security firm?

We do get third party penetration testing audits completed, the last test was completed in November 2017 by Senseon Solutions

Having our claims of no logging verified by a third party such as Senseon is not something we considered previously, however we may look at doing this in future to give customers a peace of mind.

Could we get some info on the owners behind the company?

Shayne McCulloch – Linked IN https://www.linkedin.com/in/shaynem

Do you guys have any investors and is the information available publically for users?

No Investors.

Who are the Board of Directors of your company?

Shayne McCulloch.

ProtonVPN – Based in Switzerland and Founded in 2014

Where is your company headquarters? Could we get an address?

Our headquarters is in Geneva, Switzerland. Chemin du Pré-Fleuri, 3 CH-1228 Plan-les-Ouates, Genève, Switzerland.

Do you publish Transparency Reports/Warrant Canaries?

Yes, we update our Transparency Report & Warrant Canary whenever there is a notable new legal request.

If yes, how often? A link to a URL or PDF file would be helpful!

It was last updated on February 2nd, 2019: https://protonvpn.com/blog/transparency-report/

Have your claims been audited by an independent third-party security firm?

Not yet as we have been fully transparent to our users with regards to our headquarters, owners, service, etc.

However, we are considering an audit in the near future as it has become an industry standard.

Could we get some info on the owners behind the company?

ProtonVPN AG is fully owned by Proton Technologies AG.

Do you guys have any investors and is the information available publically for users?

No answer.

Who are the Board of Directors of your company?

The Board of Directors of ProtonVPN AG is Antonio Gambardella.

Windscribe – Based in Canada and Launched in 2015

Where is your company headquarters? Could we get an address?

9251 Yonge St #8901, Richmond Hill, ON, L4C 9T3, Canada. Before you say Canada = 5 eyes = bad: https://blog.windscribe.com/i-doesnt-matter-how-many-eyes-you-have-66f59fc1e777

Do you publish Transparency Reports/Warrant Canaries?

Yes we do.

If yes, how often? A link to a URL or PDF file would be helpful!

https://windscribe.com/transparency

Have your claims been audited by an independent third-party security firm?

No.

Why have you not been audited yet? Any reasons?

We’re working on a system that will go beyond a 3rd party audit and allow anyone to verify our claims without having to rely on “experts”.

Could we get some info on the owners behind the company?

https://www.crunchbase.com/organization/windscribe#section-overview

https://angel.co/windscribe

Do you guys have any investors and is the information available publically for users?

No investors.

Who are the Board of Directors of your company?

Yegor sak.

ibVPN – Based in Romania and Founded in 2003

Where is your company headquarters? Could we get an address?

Our company is located in Tirgu-Mures, Romania. The address is publicly available on our site, in the footer area: https://www.ibvpn.com

Do you publish Transparency Reports/Warrant Canaries?

No

If yes, how often? A link to a URL or PDF file would be helpful!

N/A

Have your claims been audited by an independent third-party security firm?

No

Why have you not been audited yet? Any reasons?

Our company must comply with GDPR, and we have spent the year before 25 May 2018 to prepare and the following months to implement data protection mechanism that assures our clients that their data is safe. The objective for 2019 is to successfully implement ISO 27001 (Information security management) and 9001 (Quality management).

Could we get some info on the owners behind the company?

SC Amplusnet SRL is the company that holds full ownership of ibVPN. The company owners are private persons that are involved in developing and maintaining the ibVPN service.

Do you guys have any investors and is the information available publically for users?

We have no investors.

Who are the Board of Directors of your company?

You can check for the public information about the company SC Amplusnet SRL.

KeepSolid – Based in the USA and Founded in 2013

Where is your company headquarters? Could we get an address?

KeepSolid’s headquarters is in New York. Our address is 3220 Arlington Ave. Suite 5A Bronx, NY 10463, United States

Do you publish Transparency Reports/Warrant Canaries?

No.

If yes, how often? A link to a URL or PDF file would be helpful!

N/A

Have your claims been audited by an independent third-party security firm?

No.

If yes, when was your VPN service last audited? Could we get a link to a URL/PDF file?

N/A

Or if not, why have you not been audited yet? Any reasons?

This is on top of our plans this year.

Could we get some info on the owners behind the company?

Our owners are Vasiliy Ivanov and Oleg Bocharnikov. You can check more info on them here https://www.keepsolid.com/pressroom/board-of-members

Do you guys have any investors and is the information available publically for users?

No, we do not have any investors. We’re a bootstrap company.

Who are the Board of Directors of your company?

Please check more info on our Board of Directors at www.keepsolid.com/pressroom/board-of-members

Mullvad – Based in Sweden and Launched in 2009

Where is your company headquarters? Could we get an address?

Amagicom AB, Box 53049, 40014 Gothenburg, Sweden.

Do you publish Transparency Reports/Warrant Canaries?

No, There are no laws in Sweden that requires us to collect/log/act against our users any data that applies to us, read more: https://www.mullvad.net/guides/swedish-legislation/

Have your claims been audited by an independent third-party security firm?

Yes.

If yes, when was your VPN service last audited? Could we get a link to a URL/PDF file?

https://mullvad.net/blog/2018/9/24/read-results-security-audit-mullvad-app/

Could we get some info on the owners behind the company?

Amagicom is 100% owned by founders: Fredrik Strömberg and Daniel Berntsson.

Do you guys have any investors and is the information available publically for users?

No.

Who are the Board of Directors of your company?

Fredrik Strömberg, Daniel Berntsson, and Jan Jonsson (CEO)

SigaVPN – Based in the USA and Launched in 2017

Where is your company headquarters? Could we get an address?

PO Box 1722, Southaven, MS, 38671, Unites States. Due to it being a sole proprietorship and something I do on the side, there is no reason to rent an office.

Do you publish Transparency Reports/Warrant Canaries?

Warrant canaries are NOT always reliable. The US government can force someone to update it. In my opinion over thinking about warrant canaries for an extensive period of time.

I determined it just creates a false sense of security. I don’t have transparency reports because there have been zero government requests served to me.

I would publish one in the event of receiving a government request.

Have your claims been audited by an independent third-party security firm?

No.

Why have you not been audited yet? Any reasons?

Auditing is expensive.

Could we get some info on the owners behind the company?

I’m a system administrator and privacy advocate.

Do you guys have any investors and is the information available publically for users?

Donators help run the service. To protect their privacy, I don’t share their information.

Who are the Board of Directors of your company?

Just me.

PrivateVPN – Based in Sweden and Founded in 2009

Where is your company headquarters? Could we get an address?

Sweden – Sollentuna.

Do you publish Transparency Reports/Warrant Canaries?

No

If yes, how often? A link to a URL or PDF file would be helpful!

N/A

Have your claims been audited by an independent third-party security firm?

No.

If yes, when was your VPN service last audited? Could we get a link to a URL/PDF file?

N/A

Why have you not been audited yet? Any reasons?

There is no specific reason. There is a plan to launch an audit when we have our new environment installed.

Could we get some info on the owners behind the company?

You can find more information about the company here: https://www.allabolag.se/5568951486/privat-kommunikation-sverige-ab

Do you guys have any investors and is the information available publically for users?

There are no external investors!

Who are the Board of Directors of your company?

You can find more information about the company here: https://www.allabolag.se/5568951486/privat-kommunikation-sverige-ab

WASEL Pro – Based in the Netherlands and Founded in 2012

Where is your company headquarters? Could we get an address?

The address in www.bvpn.com  footer. Laanzichtweg 60-B 4847 SJ Teteringen (Breda), Netherlands.

Do you publish Transparency Reports/Warrant Canaries?

Yes, However, we didn’t have any incidents in our 9 years of operation.

If yes, how often? A link to a URL or PDF file would be helpful!

We had 0 incidents.

Have your claims been audited by an independent third-party security firm?

Nope.

Why have you not been audited yet? Any reasons?

We haven’t been approached by any credible organizations.

Could we get some info on the owners behind the company?

The service is owned and found by a small group of developers who found internet in the mid 90s and doing everything they can to keep it as open as it used to be.

Do you guys have any investors and is the information available publically for users?

Nope, The service is built, funded, run by the same group of developers, no investors, no bank ownership.

Who are the Board of Directors of your company?

The same 3 developers.

Seed4Me – Based in Taiwan and Launched in 2012

Where is your company headquarters? Could we get an address?

Seed4.Me VPN service is being developed by a distributed team of developers. We prefer to keep details about our structure private as one more layer of protection for our customers.

Do you publish Transparency Reports/Warrant Canaries?

No.

If yes, how often? A link to a URL or PDF file would be helpful!

N/A

Have your claims been audited by an independent third-party security firm?

No.

If yes, when was your VPN service last audited? Could we get a link to a URL/PDF file?

N/A

Why have you not been audited yet? Any reasons?

Our users did not ask us for this thing. Most people demand fast and stable VPN connection at a low price – this is what we offer.

Could we get some info on the owners behind the company?

We prefer not to disclose this information.

Do you guys have any investors and is the information available publically for users?

We prefer not to disclose this information either.

Who are the Board of Directors of your company?

We prefer not to disclose this information either.

Surfshark – Based in BVI and Launched in 2018

Where is your company headquarters? Could we get an address?

Surfshark is a registered trademark of Surfshark Ltd., a legal entity of the British Virgin Islands. The official address of Surfshark Ltd. is as follows:

Surfshark Limited

Vanterpool Plaza, 2nd Floor, Wickhams Cay I, Road Town, VG 1110

The British Virgin Islands

Do you publish Transparency Reports/Warrant Canaries?

The government of the British Virgin Islands does not require Surfshark to publish Transparency/Clearance reports; therefore we do not do that.

Surfshark is a private company, thus publishing such kind of reports is not mandatory. As Surfshark is not listed publicly in any stock exchange, we apply a common practice not to disclose such information to the public.

Have your claims been audited by an independent third-party security firm?

Surfshark is one of the very few VPN service providers which have been independently audited. The last audit was carried out in November 2018 by the acknowledged German security company

If yes, when was your VPN service last audited? Could we get a link to a URL/PDF file?

Surfshark VPN audited by Cure53.

https://cure53.de/pentest-report_surfshark.pdf

Could we get some info on the owners behind the company?

Surfshark provides its services to people all over the world, including heavily restrictive countries and regimes where access to the internet is controlled, opposing media is persecuted, and NGOs are constrained. We are one of the few VPN providers who has managed to overcome the Great Firewall of China. As long as we are determined to invest time as well as effort in developing smart solutions which can overcome the restrictions.

Regarding our CEO, he is known as Par Kaz. He established Surfshark as his own venture to make a better privacy protection tool that the others. He s a privacy geek of tech background, who has spent his career working with cyber security products as well as system administrator in various parts of the world. Regarding Magnus, it is known in the field and is cited in some Surfshark publications.

Do you guys have any investors and is the information available publically for users?

Surfshark Ltd. is owned by private shareholders who chose not to disclose their private information to the public as it has not been legally required.

Who are the Board of Directors of your company?

Surfshark is a private company which is not required to have and does not have a Board of Directors. It is run by the management team, which includes the Chief Executive, Chief Marketing, Chief Technology Officers, as well as several Product Owners.

Wrapping Things Up

With this, we reach an end to this transparent VPNs guide. The main purpose of which is to help users learn more about various providers and their background information.

Bear in mind that ambiguous services can never be trusted. Only those providers with an established reputation of honesty can help you in achieving complete digital privacy.

I hope this guide assists you in receiving all the info you need. Nevertheless, if you have any questions/queries or need me to interview a specific provider, do comment below.

Also, help a brother out by sharing this guide with other tech-savvy or privacy-conscious users, it would be highly appreciated. Thank you and have a nice day ahead! J

Leave a Reply

Your email address will not be published. Required fields are marked *