NordVPN Responds to Criticisms

NordVPN.com is a popular VPN provider known for its dedication to protecting its users’ privacy. This is a reputation strongly bolstered by the fact that NordVPN is based in Panama.

There has been a storm brewing on the internet, however, about who NordVPN is and where it is based. Evidence has surfaced that demonstrates a strong link between NordVPN and Lithuanian network infrastructure provider Tesonet.

That this evidence was first presented by a certain rasengan has only served to fuel acrimony since rasengan is a handle used by Dr. Andrew Lee, co-founder and CEO of rival VPN service Private Internet Access.

An ugly court case

According to court documents used in an ongoing lawsuit between VPN provider Hola and Tesonet:

"Between November 2015 and June 2018, Hola, had a business relationship with Tesonet related to HolaVPN and Tesonet’s VPN service called NordVPN.”

Which is unfortunate, as one of the many projects that Tesonet is involved in is data mining:

"Tesonet offers large-scale web data extraction products and services under the OxyLabs brand. https://oxylabs.io/ (Exhibit E).”

Oxylabs 1

It is a case that does credit to no parties involved. Hola is suing Tesonet for stealing its data scraping technologies during their business partnership, and embedding these technologies into its own products.

"9. The Asserted Patents are directed toward methods for fetching content over the
internet through the use of intermediary tunneling devices.

Luminati, formerly known as Hola, provides a cloud service connecting tens of
millions of devices over the Internet through a proxy-based network. Each participating device
allows the network to utilize a small fraction of that device’s idle time for the network. Luminati
utilizes this network to provide proxy-based services to businesses.”

So Hola (the plaintive) itself admits selling data scraped from its VPN (proxy) customers. Nice. In the past, Hola has been accused of stealing customers’ bandwidth and other dubious practices.

NordVPN’s response

NordVPN has published an official statement on the issue in which it firmly denies any wrongdoing on its part, reiterating the company’s commitment to keeping no logs whatsoever. It also announced that it would commission an independent audit to verify its claims.

It must be said, though, that this statement left us with as many questions as answers. ProPrivacy.com therefore reached out to NordVPN for further clarification.

NordVPN told us that it does have close links with Tesonet, but that it is an independent entity owned by Panamanian company Tefincom S.A. Its trademark is also held by Tefincom. At no point has NordVPN been legally owned by Tesonet, and it has no connection to other projects that Tesonet might or might not be involved in.

NordVPN explained to us that Tesonet simply helps it with various infrastructure services on a strictly contractual basis, and is involved in payment collection in some cases. Their partnership gives Tesonet no control NordVPN’s policies or how it interacts with its customers.

Crucially, this means NordVPN has no connection to Hola, and is in no way involved with the Luminati vs. Tesonet lawsuit. NordVPN says being named "Tesonet’s VPN” in the court documents is a factually incorrect mistake, a fact that will be made clear when the case comes to court.

ProPrivacy.com’s expert opinion

UAB Tesonet is a large company with its fingers in many pies. We would like additional clarity about NordVPN’s exact relationship with Tesonet, but it seems entirely plausible to us that NordVPN is not involved in Tesonet’s other business interests, and that Tesonet has no influence on NordVPN’s internal operations.

The current slew of accusations and mud-slinging (started, it should be remembered, by a rival company) is based purely on circumstantial evidence. No matter NordVPN’s relationship with Tesonet, there no evidence whatsoever that it is anything other than the privacy-focused VPN provider it claims to be.

We nevertheless welcome NordVPN’s announcement that:

"We are hiring one of the largest professional service firms in the world to run an independent audit and verify our ‘no logs’ claim. The audit is expected to be completed within 2 months and will independently verify that the accusations are false.”

It is vital to get the parameters of this audit right, and it must be performed with total transparency. But assuming this is the case and that NordVPN is vindicated by its findings, an independent audit is the best possible way to lay the matter to rest.

Seth

on November 29, 2018

Looking forward to see your article about the Audit. Didn't find a new post yet. I've had a look at the full audit and I'm almost certain that it's legit, but would like to hear a professional opinion.

Brad

on August 30, 2018

I'm a long time Nord user, so of course, I got scared when the first headlines came out. What I think is happening, people don't read the whole story and facts, just the titles and a few shady competitors comments and think it's the end of the world. I've read a lot of articles and posts, the lawsuit, opinions and official response of Nord and it was already obvious that the allegations are full of crap. On one of the threads regarding the subject on Reddit and expert from Comparitech actually analysed the activity of Nordvpn app and found that there's no way Nord is collecting any data nor is it being turned into a botnet. See screenshot for his findings https://imgur.com/a/i83EOF0

Mathew

Hi Douglas, thank you for making things clear, these accusations looked weird from the beginning, it seems that shouters missed some digging to search for all sides of a story. A bit sad for Hola, but I am happy for Nordvpn for keeping strong position it seems that they are not afraid to make it clear, haven’t heard about any vpn services making an audit during some scandals. This industry is tough, but that’s the price of having a business. I think this will earn their users trust.