However, real-world tests and third-party audits are necessary to restore our confidence in HMA. The company’s much improved no-logs policy somewhat offsets its privacy-unfriendly jurisdiction. As long as the VPN doesn’t keep user web logs, it doesn’t have sensitive information to pass on. Such an intrusive policy made it easy for law enforcement to request personally-identifiable information from HMA to identify a specific user.Īs we mentioned above, HMA’s new privacy policy prevents any repeat of user identities being compromised. The VPN service previously logged sensitive data like user IP addresses and precise connection timestamps. It must be said that all instances of information sharing with law enforcement happened under the VPN’s old privacy policy. HideMyAss went to some length to justify its behavior, but it was largely seen as a breach of trust for most VPN users. He was a HideMyAss user whose identity was uncovered using connection timestamps. On another occasion, a Texas judge was arrested for stalking and harassment. In one instance, a member of the hacktivist group Anonymous was arrested after HMA provided the FBI access to connection logs, following a UK court order. Sadly, HideMyAss has an extremely poor track record for logging. HideMyAss shared user logs with law enforcement The UK is also a member of the Five Eyes Alliance (FVEY), an international intelligence-sharing agreement designed to collect and share surveillance data among the world’s most powerful nations. The company admits it will supply information to law enforcement if necessary. HideMyAss is subject to all intelligence-sharing agreements contained within the Snoopers Charter. The UK is a terrible base for a VPN provider, due to its intrusive data retention laws now codified through the UK Investigatory Powers Act, or the ‘Snooper’s Charter’ as it is popularly known. AVG was in turn bought by Avast, another Czech antivirus firm, in 2016.ĭespite the parent company, Avast, being based in the Czech Republic, Privax Ltd is still located in the UK. The VPN’s popularity led AVG, a Czech antivirus company, to acquire it for up to $60 million in 2015. HideMyAss launched its first subscription-based VPN service in 2009 under the ownership of parent company Privax Ltd. The important thing is that HMA’s no-logs policy clearly states your internet activity will not be tracked or logged.ĭespite the logging policy improvement, HMA is a VPN service with an extremely poor track record when it comes to safeguarding its customers’ anonymity. The only personal information HideMyAss retains is your email address and username, which is standard practice among VPNs. Third-party security audits provide real evidence of a VPN’s activities, so you’re not forced to rely on what a VPN service claims. VerSprite awarded HideMyAss a “low-risk user privacy impact rating” - the best possible classification. HMA’s updated logging policy has been verified by reputable cybersecurity consulting firm VerSprite, following an audit of HMA’s systems. The limited amount of data that HMA does log is aggregated and not tied to any specific user. Excerpt from HMA’s updated no-logs privacy policy.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |