ProPrivacy is reader supported and sometimes receives a commission when you make purchases using links on this site.

How does a VPN legal policy affect you?

Everyone knows they should read the long boring legal gumph that accompanies pretty much everything we do in the modern world. But who does? It is after all very boring and is often written in an arcane language that appears to have been designed to repel all but the most hardened legal masochists!

The problem when it comes to VPN is that this legal jargon often cuts to the core of the actual service you are paying for. Although it is also useful for encrypting unsecured public WiFi connections and accessing geo-restricted web services, most of us use VPN primarily to protect our anonymity and consider this to be its most vital function.

fineprint 1

Knowing this, pretty much all VPN providers loudly proclaim the benefits of their service in maintaining your online anonymity on their front pages. However, when you look at many of their ToS (Terms of Service, also commonly called Terms & Conditions or Terms of Use) agreements you find that the terms either flat-out contradict these claims, or qualify them to an extent that effectively makes them meaningless.

This disjunct between what is claimed to be on offer and what, on careful study of the small print, is actually on offer makes it important to consider a VPN’s legal policy before signing up for their services. There are a number of commonly made claims that warrant particularity close attention by the average VPN user.

Guaranteed privacy

Pretty much all VPN providers promise not to hand over users’ personal details or details about their internet activities to any third party. However, if you check their ToS it quickly becomes clear that in the case of legal action (subpoenas, court orders and the like) they have no choice but to comply, and will hand over information under such circumstances without batting an eyelid.

We have said it before here on ProPrivacy and we will say it again, the only way that a VPN company can truly guarantee your privacy is to keep no logs. No logs = nothing to hand over in the event of legal action (or even worse seizure of the company’s VPN servers by the authorities – it has happened).

Keep no logs

Even when a VPN provider does claim to keep no logs, it is well worth checking the ToS to see what exactly they mean by this. One common problem is that although logs may eventually be discarded, they are often kept for a short (or not so short) period beforehand. For example, HMA makes much of the fact that it keeps no logs, but a study of their ToS shows they are kept for 10 days, which is quite a long period and certainly enough for legal action to be taken to force them to be handed over.

A further, though lesser, is determining which logs and records are discarded and which are not. While most ‘no-logs’ VPNs will discard records of a user’s online activities, some still maintain details such as the IP a user connected from, the time and of the connection, which while not a critical worry to most, a few details too many for some.

Similarly, most VPN providers keep records of their customers’ payment details. While clearly useful for such things as continuous billing tracking usage, and problems,  and probably not a great concern to many, there are providers out there (such as Private Internet Access) who demonstrate their commitment to users’ privacy by destroying payment records once the transaction is complete (managing usage etc. by assigning its clients random, non-traceable user numbers).

Money-back guarantee

It is common (but by no means universal) practice to offer a money-back guarantee, which can typically last anything from a day or so to a month. However, what is meant by this guarantee can vary considerably, so if you are planning on using it as a free trial to check out a provider’s service the ToS, this is worth paying close attention to.

moneyback 1

While some VPN’s are happy to provide a ‘no quibble’ money-back trial of their service, others will only give the money back if their technical team fails to connect you within the allotted time. While there is nothing wrong with this per se, it is important that are aware of any limitations (often hidden quite deep in a company’s legal policy) before you sign up. What we find particularity reprehensible are companies who state in their ToS that dissatisfaction due to slow speeds or otherwise poor service is not grounds for a refund.

Copyright infringement

Let’s face it, a lot of people use VPN so they can download P2P torrents. Some VPN providers tacitly allow this, while others actively provide dedicated VPN servers for the task! Many, particularly in countries such as the United States or where copyright is both strict and actively enforced, have strict policies against and will issue notices warning that if it continues to be detected then you will be barred from their service.

The problem is knowing the popularity of torrent downloading, many VPNs with strict anti-piracy policies do not advertise the fact very well, preferring to hide their policies in the ToS for fear of losing potential customers. For more information about staying secure when torrenting, see our best VPN for torrent sites guide.

Other stuff

Above are the main things we think you should look out for. As a matter most VPN providers try to indemnify themselves against absolutely everything, although national and international legislation will supersede anything written in a company’s ToS.

Many companies also like to qualify their ‘unlimited speed’ and ‘unlimited bandwidth’ with ‘fair use’ policies found only if you closely inspect their ToS. Although the fact that such terms exist at all is annoying, we have yet to run into a provider who actually enforces them and so do not consider them something to worry too much about.


We have hopefully highlighted why it is very important that you roll up your sleeves and actually read the small print when deciding on which VPN provider which is right for you. It is not much fun, but since you are going to the bother of protecting your identity by using a VPN in the first place, it is well worth ensuring the VPN provider is similarly concerned with your privacy.

This is not to say that all VPN providers have bad legal policies. In fact, some have regard for issues such as customers’ and have ToS’ which back this up. We have an article discussing our favorite ‘no-logs’ VPN providers which you can find here.

Written by: Pete Zaborszky

Founder of and privacy advocate even before Edward Snowden's revelations. Computing graduate from Imperial College London. Speaker at cybersecurity conferences e.g. IPExpo and regularly speaks on tech podcasts.


There are no comments yet.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives:

The fastest VPN we test, unblocks everything, with amazing service all round

A large brand offering great value at a cheap price

One of the largest VPNs, voted best VPN by Reddit

One of the cheapest VPNs out there, but an incredibly good service