Popular VPN company Private Internet Access has had its network audited by Big Four consultancy firm Deloitte.
VPNs can be extremely useful pieces of technology for both businesses and consumers, but it’s important to keep your ear to the ground for industry news, so you know who to trust.
PIA’s Privacy-Assuring Audit
The main selling point of VPNs — and why they’re such a handy privacy tool — is that they keep no logs or information about the activity of the users on their network.
Nowadays, most VPNs even use RAM (diskless) servers, meaning nothing is ever written to any hardware. Plus, RAM requires power to store data, so when a server is shut down, all the data that has been processed by the server is automatically wiped.
Private Internet Access asked Deloitte Audit Romania to review its VPN network and management system to examine how they keep its no-logs promise.
“We’re here to say that we’ve always abided by our airtight No Logs policy,” Adina Matei said in a post on PIA’s website announcing the completion of the audit. “We’ve never retained any metadata, and we’ve never had any data to share with the authorities.”
Deloitte confirmed that the “server configurations align with internal privacy policies” and that they are “not designed to identify users or pinpoint their activities.” PIA also mention that they configure their RAM servers to routinely reboot themselves, wiping all user data.
PIA: Part of Something Bigger
If you’re using a VPN, it’s always good to know who uses it. There are a lot of rarely-talked-about links between companies, websites, and other organizations in the VPN industry than the average consumer may realize.
Since 2019, PIA has been owned by a company named Kape Technologies. They already owned VPN providers CyberGhost and Zenmate by this point, and also purchased ExpressVPN.
Additionally, Kape recently bought Webselenese, which owns the VPN review giant VPNMentor, as well as fellow VPN review site Wizcase.com.
However, Techradar reported in March that Kape confirmed the Webeselense assets would retain editorial independence.
Other VPN companies are joining together too. Surfshark and NordVPN went through a merger in February of this year, for example.
Although the VPN services remain functionally independent, they will share technical knowledge. This is good news for consumers, with NordVPN and Surfshark among the most trustworthy names in the industry.
Can you Trust PIA… and Other VPNs?
Kape Technologies, back in 2015, used to be called Crossrider. Then, the company made its money off adware and produced software that hackers utilized to inject malware, hijack browsers, and send traffic to advertisers. But both the name change and its recent acquisitions have helped the company distance itself from its past.
“100% of Kape's revenue comes from subscription services or online content publishing; 0% of revenue comes from ad serving,” the company says.
Discussing Kape’s dodgy company history is not to say you should providers like ExpressVPN and PIA — they run solid, extensively audited networks, and have shown on a number of occasions that they don’t keep logs and don’t respond to law enforcement subpoenas requests.
What should you take away from this, then? Well, if you’re a VPN user, the importance of keeping an eye out for industry news, exposés, security breaches, and other important information is paramount, especially if you live in a country with draconian surveillance laws.
Plus, it’s important to know who’s reviewing your VPNs fairly. Although Kape Technologies pledged editorial independence for companies like VPNMentor, the pages “Top VPNs for 2022 page” conveniently list ExpressVPN, CyberGhost, and Private Internet Access as their top three providers.
It’s pretty standard for sites like Tech.co, Forbes, and any others with VPN review pages to have commercial partnerships with the providers they write about, but these partnerships do not impact editorial independence (in Tech.co’s case at least).
Business VPNs and Consumer VPNs
ExpressVPN is a consumer VPN, targeted at individuals, families, and groups of friends. Consumer VPNs reroute all your traffic through one of their many private servers, encrypting it in the process and hiding your IP address from websites and anyone monitoring your traffic.
It doesn’t make you anonymous per se, but instead makes it much, much harder to link your traffic to your IP. Usage is advised if you’re using a public Wi-Fi network that anyone can join by signing up or an open network that has no password protection.
Business VPNs, on the other hand, will allow all of your employees to securely access your company’s cloud resources from anywhere in the world by creating private, encrypted tunnels between their devices and your business’s servers.
NordLayer, NordVPN’s business offering, has a whole host of network control features that allow you to dictate what company files and other data given employees can access.