Private Internet Access (PIA) is one of the best VPN services right now. A third-party independent audit has been completed over its privacy promises that there are no logs, with positive results.
Deloitte was responsible for the long-awaited and successful rubber stamp. It is one of the Big Four global auditing firms. Deloitte Audit Romania, specifically, has been investigating PIA’s VPN server infrastructure and management systems to find any flaws or vulnerabilities that could allow users to access and/or store their data.
The auditing experts confirmed that server configurations are in line with internal privacy policies as of the 30th of June 2022. They are not intended to identify or track users.
PIA network to prevent data retention
We have been long-standing advocates for cybersecurity and digital privacy in the US and now we have an audit that attests to our No Log VPN service,” said the provider in a post (opens in new tab).
Developers explained that they designed the network infrastructure specifically to prevent data retention. For example, the provider uses RAM-only servers. The memory is volatile, and data is not saved after power-off. All servers have been programmed to automatically reboot, so all data is deleted immediately.
PIA claims that it will disable error logs and debug info in order to protect users’ data even if there is a hack. It explains that, despite potential drawbacks in our debugging and developing processes, it’s an acceptable compromise to protect user data.
For those who are concerned about the company’s headquarters being in the US, PIA is a member of the Five Eyes Alliance. PIA assures you that US-based VPN providers will not be subject to US consumer protection laws.
What’s next?
“This Deloitte audit marks another milestone in our journey to privacy activists,” said PIA.
Customers who are concerned about their online privacy should know whether their data security is being actively maintained. This is why VPN audits are becoming a popular practice among top VPN providers.
Independent verification of software infrastructure and policies can help companies stand behind their marketing claims. It also ensures that there is no missing information during development.
Although a no-log verification is only one step in the security auditing process, other providers such as ExpressVPN and bestvpn have also been subject to scrutiny by third parties. This shows that PIA still believes it can deliver a reliable and secure service to its customers.
PIA is among the few VPN providers that have all of its apps open-sourced. This allows everyone to look at their code and find bugs.
Additionally, the provider announced that it was continuing extensive hardware optimization, and will be updating its Transparency Report with an update. They also stated that they are open to independent audits.
We take our No Logs policy very seriously and this audit is not the end of it. We will continue to make our users aware of the security precautions we have in place.