Surfshark passes first independent no-logs audit
Another virtual private network provider has just taken an important step to increase its customer transparency. Surfshark — CNET’s Editors’ Choice for Best Value VPN and one of our top VPN picks — passed an independent no-logs audit conducted by accounting firm Deloitte, the VPN company said in a blog post on Wednesday.
“The positive outcome of Deloitte’s No Logs Assurance report is factual proof to our users and future customers that Surfshark operates to the highest standards of privacy and quality,” wrote Justas Pukys, Surfshark VPN product owner. “We will continue to conduct various audits and tests to obtain independent verification of our security and privacy practices.”
The audit examined the configuration and management of Surfshark’s IT systems and supporting IT operations and was conducted between November 21 and December 2, 2022, according to a summary of the audit report by Deloitte (PDF). As part of the audit, Deloitte examined the design and configuration of Surfshark’s standard VPN servers, static IP VPN servers, multihop servers, and multiport servers.
“Based on the procedures carried out and the evidence obtained, in our opinion the configuration of the IT systems and the management of the supporting IT operations are properly prepared in all essential respects [Surfshark’s no-logs policy]said Deloitte.
Deloitte validation is important because independent testing is one of the only ways to confirm that a VPN provider’s no-logs claims are legitimate. Even though an independent audit from a company like Deloitte can only confirm its findings for the scope and length of the audit, it can give customers a degree of confidence that the VPN they are using really delivers what it promises.
“[The] The no-logs policy is one of the most important features of our services,” says Surfshark in its Terms of Service. “It means that your activities are in no way logged, stored or transmitted to third parties when you connect to our services. We do not collect any information about what you do online (your visited IP addresses, browsing history, session information, bandwidth used, connection timestamp, network traffic or other similar data).”
Surfshark’s announcement comes two weeks after sister company NordVPN announced its own independent no-logs audit, also conducted by Deloitte. Surfshark had its browser extensions independently audited in 2018 and its server infrastructure in 2021, but the Deloitte audit is Surfshark’s first independent no-logs audit.
For more information on VPNs, check out Surfshark’s new Dynamic MultiHop feature and learn how to boost your VPN speeds.