VPN Performance and Privacy — What the Logs Actually Showed (Independent Audit Data)
VPNs claim 'no logs' and '10x speed' — independent security audits reveal which providers deliver. Here is what the audit data actually shows for the top consumer VPNs.
The consumer VPN market is full of misleading marketing — “10x speed,” “100% privacy,” “military-grade encryption” (a meaningless phrase). Independent security audits over the past 5 years have started providing actual data. PwC audited Mullvad. Cure53 audited ExpressVPN. Deloitte audited NordVPN. Securitum audited ProtonVPN. Court orders have stress-tested several providers. The data shows which VPN claims hold up under independent verification, and which don’t.
This article walks through the audit data, real-world speed numbers, what a VPN actually protects against, and which providers have credibility based on something other than their own marketing.
What audits actually verify
A “no-logs audit” isn’t a single thing. The strongest version examines:
- Server configuration — what data is being collected at the network level
- Backend systems — what databases, dashboards, and analytics are in use
- Source code — what the VPN client and server software stores
- Operational practices — how staff access systems, what data they can see
Mullvad’s 2024 PwC audit covered all four. ExpressVPN’s Cure53 audits covered code + infrastructure. NordVPN’s Deloitte audit covered infrastructure + practices. ProtonVPN’s Securitum covers code + infrastructure.
A VPN is only as private as the audit confirms. Self-reported “we don’t log” claims without independent verification are marketing, not security. The 2023 court case where Swedish police seized Mullvad servers and recovered no usable data is the strongest single proof of no-logs claims — it’s the rare instance of a VPN’s no-logs policy being tested against an actual subpoena.
The audited no-logs providers (2024)
The four consumer VPNs with the strongest independent verification:
| Provider | Most recent audit | Auditor | Court tested |
|---|---|---|---|
| Mullvad | 2024 | PwC | Yes — 2023 Swedish search warrant, no data recovered |
| ProtonVPN | 2024 | Securitum | Pre-2024 transparency reports |
| NordVPN | 2023 | Deloitte | No major test |
| ExpressVPN | 2024 | Cure53 + KPMG | 2017 Turkey assassination investigation, no data |
Mullvad’s 2023 court case is the strongest single proof point. Swedish police executed a search warrant for specific user data. Mullvad’s servers had no logs to surrender. This is the gold-standard verification.
ExpressVPN’s 2017 case (Turkey investigated the assassination of a Russian ambassador and seized ExpressVPN servers in Turkey) similarly produced no usable data. Both incidents validated the no-logs architecture.
Free VPN warning
Top10VPN and VPNMentor have repeatedly investigated free VPN apps. The 2024 findings:
- 75% of top free VPN apps sell user data to advertisers, data brokers, or governments
- 38% had malware or suspicious code in their Android/iOS apps
- 25% leaked DNS or WebRTC despite claiming privacy
Avoid free VPNs in general. Three exceptions with verified legitimacy:
- ProtonVPN Free — unlimited bandwidth, slower servers, only 3 countries. Same company as paid version. Audited, no-logs.
- Mullvad — €5/month flat, no free tier but accepts cash/Bitcoin for anonymity.
- TunnelBear Free — 500MB/month, owned by McAfee, audited but limited.
Anything else in the free VPN space should be avoided. The VPN’s business model depends on selling either subscriptions (paid) or your data (most “free” VPNs).
Speed reality (what the tests actually show)
PCMag’s 2024 VPN speed testing across 50+ providers, using consistent methodology:
| Provider | Local server (lower latency) | Transcontinental | Best protocol |
|---|---|---|---|
| Mullvad | 88% baseline | 65% baseline | WireGuard |
| ProtonVPN | 85% | 60% | WireGuard |
| NordVPN (NordLynx) | 90% | 70% | NordLynx (WireGuard variant) |
| ExpressVPN | 80% | 55% | Lightway |
| Surfshark | 85% | 60% | WireGuard |
| Average across all tested | 70-90% local, 50-70% transcontinental |
Reality: every VPN slows you down 10-30% in the best case, 30-50% on long-distance routes. Marketing claims of “10x faster than other VPNs” are comparing to legacy OpenVPN-only providers, not to reality.
For 4K streaming (~25 Mbps required), most quality VPNs work fine. For low-latency gaming (less than 50ms), VPN adds 20-50ms typically — noticeable but tolerable on local servers.
What VPN actually protects against
A VPN encrypts the network traffic between your device and the VPN’s exit server. After that, traffic exits to the destination website normally.
A VPN protects against:
- ISP surveillance (your ISP sees only encrypted VPN traffic)
- Public Wi-Fi snooping (no one on the network can see your traffic)
- Geographic content restrictions (bypassing region-locked services)
- Some DDoS attacks (your real IP is hidden)
- DNS leak attacks (if VPN runs its own DNS)
A VPN does NOT protect against:
- The VPN provider itself (they see all your traffic)
- Websites you log into (they know who you are by login)
- Browser fingerprinting (your browser is identifiable regardless of IP)
- Cookies and tracking (already-installed trackers continue)
- Endpoint compromise (malware on your device)
This is the most-misunderstood point about VPNs: they shift trust from your ISP to the VPN provider. They don’t make you “anonymous” — they make you pseudonymous, with the VPN as the new trust anchor.
Protocol comparison
| Protocol | Speed | Security | Modern |
|---|---|---|---|
| WireGuard | Fastest | Strong | Yes (2020) |
| OpenVPN | Medium | Strong | 2002, mature |
| IKEv2/IPSec | Fast on mobile | Strong | Yes |
| L2TP/IPSec | Slow | Acceptable | Older |
| PPTP | Fast | Broken | Don’t use |
WireGuard is the modern standard. 4,000 lines of code (vs OpenVPN’s 100,000), modern cryptography, faster connection establishment. NordLynx (NordVPN’s WireGuard variant) and ProtonVPN’s WireGuard add session-isolation features missing from base WireGuard.
OpenVPN is fine for compatibility and has the longest audit track record. PPTP is officially broken and shouldn’t be used by anyone in 2024.
Provider recommendations by use case
Casual privacy + occasional travel
- Mullvad ($5/mo flat) — anonymous payment options, audited, court-tested
- ProtonVPN ($4.99-9.99/mo) — Swiss-based, audited, free tier available
Streaming and content access
- NordVPN ($3-12/mo) — most reliable for Netflix/streaming geo-bypass
- ExpressVPN ($8-13/mo) — best app polish, expensive
Maximum speed
- NordVPN (NordLynx) — fastest in PCMag 2024 testing
- Mullvad WireGuard — close second, lower cost
Best privacy
- Mullvad — accepts cash/Bitcoin, no email required to register, court-tested
- ProtonVPN — Swiss jurisdiction, transparent leadership, audited
What to avoid
- Any free VPN not on the verified list (75% data sales, 38% malware risk)
- Lifetime VPN deals on AppSumo or LinkedIn ads — typically suspect quality, often shut down within 2 years
- VPN providers based in 14-Eyes intelligence-sharing countries with mandatory data retention (some US, UK, AU providers)
- VPNs requiring Facebook login or extensive personal data (defeats the privacy purpose)
- Browser-only VPN extensions (often proxy, not full VPN; leaks DNS/WebRTC)
Setup checklist
For a properly configured VPN:
- Choose audited provider (Mullvad, ProtonVPN, NordVPN, ExpressVPN)
- Install on all devices (phone, laptop, tablet)
- Enable “kill switch” — blocks traffic if VPN drops
- Use WireGuard or OpenVPN protocol (not PPTP/L2TP)
- Enable DNS leak protection (most apps do by default)
- Test for leaks at ipleak.net or dnsleaktest.com
- Set VPN to auto-connect on untrusted networks (public Wi-Fi)
The bottom line
VPNs are genuinely useful for: ISP-level privacy, public Wi-Fi protection, geographic content access, and some torrenting use cases. They’re not anonymity tools — they shift trust from your ISP to the VPN provider.
Use audited providers (Mullvad, ProtonVPN, ExpressVPN, NordVPN). Avoid free VPNs except the few verified safe ones. WireGuard protocol when available. Test for leaks after setup.
The VPN industry is full of hyperbole. The audit data and court cases are what’s actually verifiable. Pick based on those.
VPN-capable routers worth running
Most “VPN routers” can’t keep up with 1 Gbps WAN connections. These three are independently tested to actually deliver line-rate VPN throughput on consumer hardware:
ASUS RT-AX86U Pro AX5700 (WireGuard support)
Price · $280-340 — fastest consumer VPN router
+ Pros
- · WireGuard support — 900+ Mbps VPN throughput in tests
- · AiProtection Pro included (Trend Micro threat scanning)
- · Strong open-source firmware community (Merlin)
− Cons
- · Premium price vs basic AX routers
- · OpenVPN throughput much slower than WireGuard — use the latter
GL.iNet Slate AX Travel Router (GL-AXT1800)
Price · $130-180 — pocket-size VPN router for travel
+ Pros
- · Pre-configured WireGuard + OpenVPN — works out of the box
- · Pocket-size — pairs with hotel WiFi for instant VPN tunneling
- · USB-powered, OpenWRT-based, transparent open-source firmware
− Cons
- · Lower throughput than full home routers (~400 Mbps cap)
- · Travel-focused — overkill for primary home setup
Synology RT6600ax Triple-Band WiFi 6
Price · $300-380 — security-focused with full VPN suite
+ Pros
- · Three-band WiFi 6 (2.4 / 5 / 5.9 GHz)
- · Built-in VPN server + client with WireGuard
- · Threat Prevention package included free
− Cons
- · Premium price; setup complexity for casual users
- · VPN throughput slightly lower than ASUS Merlin firmware
For home setups, the ASUS RT-AX86U Pro is the fastest single-router pick. For travelers, the GL.iNet Slate AX in your bag means every hotel network gets the same VPN protection as home.