NordVPN: Why the false allegations are wrong

For the past few months, we’ve been under a constant barrage of “anonymous” claims stating that NordVPN is involved in data mining. Numerous accusations have been thrown at us, questioning not only our structure and our policies, but our values and ethics as well.

All this time, we thought it best not to respond publicly – to avoid “feeding the trolls” with the attention they so desperately seek and to solve this issue without giving them what they want. For a while, it worked just fine. The attempts to smear us did not make any impact whatsoever until very recently.

Image result for NordVPN: Why the false allegations are wrong

Over the past couple of days, their target has shifted. The dozens of fake accounts on Twitter with reused pictures and zero comment history expanded their attacks from us to the companies and people who trust us – basically, every website and every expert who has ever been involved with NordVPN. We realized that remaining silent is no longer an option and we must respond for the sake of our reputation.

The false allegation being made is that NordVPN is structurally the same as HolaVPN, that our VPN clients are being used to turn our users into a botnet, and that NordVPN is part of a data mining conglomerate. The attacks are being backed up by nothing more than an unrelated patent infringement lawsuit filed in the US against Tesonet.

Tesonet is one of the biggest tech corporations in Lithuania, a small EU country with a thriving technology sector. The company works with Fortune 500 businesses and develops infrastructure and standalone solutions for various B2B applications, ranging from hosting services and payment processing to HR and customer support. They are experienced in a variety of fields – from digital marketing to network management and programming. One of the services that Tesonet performs for Fortune 500 companies is data scraping.

We are being accused of giving third parties access to NordVPN user IP addresses in order to perform web scraping operations. Hola works this way, but not NordVPN.

Not only is this accusation completely false, its inaccuracy is also easily verifiable.

Anyone with Wireshark (or any other similar app) and some networking knowledge can perform a network scan, check all requests made by the NordVPN application, and verify their destinations. The results will prove that the web scraping accusations are false. We have never in any way been related to any other projects developed by Tesonet.

The claims that HolaVPN and NordVPN had a business relationship are misleading. HolaVPN was one of many minor affiliate partners and would refer users who canceled Hola to NordVPN. We would pay a small commission for the referral.

We understand that these facts alone may not be enough to clear our name. Therefore, we are hiring one of the largest professional service firms in the world to run an independent audit and verify our ‘no logs’ claim. The audit is expected to be completed within 2 months and will independently verify that the accusations are false.

There is another bit of context in this story. Back in May 2018, a fake Twitter account started spamming every cybersecurity-related website with a PDF document stating that NordVPN is part of a data mining conglomerate.

It didn’t take us too long to find out the name hiding behind the anonymous claims – it was another VPN service that we had always considered reputable. A few media outlets reached out to us, we briefly explained what was going on, and the case was put to rest. Once we contacted the culprit directly, the spam campaign ended as well – for a while, at least.

The peace was temporary. Other VPN services realized they might benefit if public trust in our service started to waver. They began a smear campaign while hiding behind anonymous accounts and satellite websites, masquerading their profit-driven aggression as activism and social responsibility.

Related image

Even now, their fake accounts are spamming our Twitter feed, Reddit, and other forums. None of the competitors have ever reached out to us to seek an explanation and none have made a single official comment on the way we operate. That is neither activism nor social responsibility – this is the desperation of someone failing to compete with a company that is a relative newcomer to the market.

We have always been and will always remain true to our policies and our values. NordVPN operates under the jurisdiction of Panama. We have never betrayed our customers and we have never broken our Terms of Service.