Jump to content
Not connected, Your IP: 34.229.119.176
farfar2

Monitoring ToS compliance && Logging

Recommended Posts

Hello, hope Im right here...
I had some questions regarding logging and ToS policies.
1) How do you monitor that a vpn user is not abusing your services by doing some cyber criminal or hacking activities directly from your networks?
2) How does your no log poilcy exactly work? Lets say a vpn user connects to cyber crime sources through airvpn bulgaria. All logs on those external (criminal) sources point to Exit nodes of Airvpn on XYZ timestamped date. If police brings court order (to whom actually? to airvpn staff in italy or in bulgaria?), can a vpn user be identified? What informations will be shared to LEA?
Thanks
FF

Share this post


Link to post

Staff answered these questions multiple times in the past, unfortunate for me to not being able to find it at the moment.
In the meantime, here are some hints:


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Unofficial Eddie for Android F-Droid repository: repo.opensourcery.eu

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Okay thanks, how about second part of (2)?
"..Lets say a vpn user connects to cyber crime sources through airvpn bulgaria. All logs on those external (criminal) sources point to Exit nodes of Airvpn on XYZ timestamped date. If police brings court order (to whom actually? to airvpn staff in italy or in bulgaria?), can a vpn user be identified? What informations will be shared to LEA?"

Share this post


Link to post
12 hours ago, farfar2 said:

Okay thanks, how about second part of (2)?

 
13 hours ago, OpenSourcerer said:

unfortunate for me to not being able to find it at the moment


Please wait for an official word or try a support ticket.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Unofficial Eddie for Android F-Droid repository: repo.opensourcery.eu

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
7 hours ago, farfar2 said:

no comment from the stuff?

 
On 11/2/2021 at 4:26 AM, OpenSourcerer said:

:)

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Unofficial Eddie for Android F-Droid repository: repo.opensourcery.eu

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
On 11/1/2021 at 3:25 PM, farfar2 said:

Okay thanks, how about second part of (2)?
"..Lets say a vpn user connects to cyber crime sources through airvpn bulgaria. All logs on those external (criminal) sources point to Exit nodes of Airvpn on XYZ timestamped date. If police brings court order (to whom actually? to airvpn staff in italy or in bulgaria?), can a vpn user be identified? What informations will be shared to LEA?"

Hello!

TL;DR: Likely no, nothing will be shared and never has been up to this point. But if you're extremely concerned, then apply the partition of trust as shown at the end.

I believe this question may already have been answered in my guide, in the First Questions section about logging and tracking.

Here's what likely most satisfies your question:
Quote
Quote

2) If subpoenaed by law enforcement, and if your legal team found that you had no grounds to deny the order, would you then log the activities of your users without revealing this action to your users? Yes or no.

 

No.

 

Kind regards

Quote
Quote

1) How can you identify somebody doing something that is against your TOS if you cannot identify your users or what they are doing. Please give examples.

 

Hello!

 

We can't do that ex-ante.


Ex-ante = before the event. (Contrasted with a different point further down as ex-post = after the event).

There's also a much more detailed reply further down, to some hypothetical scenarios about specific situations.

There's also a thread related more closely to how DMCA and torrent-related things are handled. Here's some of the most relevant ones for this thread:
 
Quote

1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?

1. No, we don’t.
 

6. What steps are taken when a court orders your company to identify an active or past user of your service? How would your company respond to a court order that requires you to log activity going forward? Has any of this ever happened?
6. The matter is handled by our law firm which explains to the competent authorities how our system works and why it is not possible to track a user “ex-post” when such identification requires access to traffic logs, which simply do not exist. We have so far not received any order trying to force us to “log activity going forward” and we would not be able to comply for strictly technical reasons.
 

8. Which payment systems/providers do you use? Do you take any measures to ensure that payment details can’t be linked to account usage or IP-assignments?

8. Nowadays we use Coinpayments, BitPay, PayPal and Avangate. We accept a wide variety of cryptocurrencies and several credit cards. We also planned to accept payments in Bitcoin (and some other cryptocurrency) directly in late 2018, with no need for any third party payment processor, which anyway does not require any personal data to complete a transaction.

We do not keep any information about account usage and/or IP address assignments, so there can’t be any correlation with any payment. As usual a customer needs to consider that any payment via a credit card or PayPal will be recorded for an indefinite amount of time by the respective financial companies. We also accept cryptocurrencies inherently designed to provide a strong layer of anonymity

 

Do please pay attention to the dates of those threads, as some minor things may have changed - such as how Air now provides even more payment options.

And then there's about logging in general in a different thread; WebRTC, website IP, the AirVPN Privacy Notice. Not super relevant for this thread, but maybe still of interest to some.

As for "If police brings court order (to whom actually? to airvpn staff in italy or in bulgaria?" I would bet on Italy, since all AirVPN staff live in Italy - but please don't quote me on this.

If you're still uncertain, then do also please keep in mind that AirVPN routinely tells people that they do not need to trust AirVPN - as shown by the first links in this thread by OpenSourcerer:
Quote
"If you can't afford to trust our words please apply partition of trust." - AirVPN Staff

More on partition of trust.

I hope that answers your questions, but if you have more, please feel free to post them. Ultimately, we're just moderators, so if anything hasn't already been answered and is about Air policy, then we defer to the official Staff account or the support team (run by the same people), as stated before by OpenSourcerer:).

Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...