You might be correct here. GDPR allows for data logging in many circumstances too. The grey area being “it is necessary for legitimate purposes”. It even goes to an extent that a company is allowed to withhold information it holds about the subjects in circumstances such as above. So if that account holder on Tuta requested data download, Tuta could return back all personal info and withhold all unencrypted emails. This would make the person believe Tuta holds nothing but in fact it does hold more than what’s disclosed. LE involvement is one of many ‘circumstances’ that allows such practice under GDPR.
2 Likes
This would imply that it’s possible to figure out who the user is and distinguish their traffic. This is indeed easy for an email service since the user is identified by their email address and the order was about that email address. For a VPN service I don’t see how can a single user be distinguished unless LE already know their identity, but what would they request from the VPN service then?
Thank you for your reply @ameshkov. My post was meant to correct a misinterpretation by another community member, but not aimed directly towards AdGuard, as I’m well aware that you are based in Cyprus now. Nevertheless, I appreciate the response here as it demonstrates the commitment. I’m one of the members who bought a lifetime license in the earlier days, but unfortunately, I no longer use any of AdGuard’s software. However, I sure do use your filter lists.
2 Likes
To confirm their suspicion and see to what websites he connects to. It could be the case that LE is tracking someone for let’s say, domestic abuse, and wants to know his browsing habits.
For scenario like this Adguard already is collecting sufficient information to be able to comply. Even in cases where LE might want to confirm an individual based on IP hops in different countries, simple account information download in plain text currently is enough. AdGuard VPN can confirm your virtual location per session based on each new login as it collects this information. Link that to payment method or email used to created that account and very easy to confirm.
The only browsing habit they can learn this way is that the person is an AdGuard VPN user, we don’t know anything else.
This is not entirely correct. Changing location in the VPN app is not the same as logging in. When you log in (i.e. enter your login/password) AG VPN “grants” you an authorization token. When it happens we save the “AS number” (essentially your ISP name) and not your IP address. This is done for security purposes so that we could react if there’s a sign in attempt from an unusual location. Then the app uses the token to connect to the VPN server and this information that’s not logged.
1 Like
Hello!
Does this mean that the minimum amount of information gathered on an AdGuard VPN user is the same as VPNs like Proton VPN for example ? How would you compare to this other VPN ?
PS : Can you also answer to this if you have time ?
1 Like
Briefly, here’s what AdGuard VPN knows about users:
- Email address that was used to sign up.
- Login attempts (you can see them on my.adguard.com), ISPs from where they were made (for security purposes).
- Billing information (basically, order IDs which are linked to the data that is stored by the payment providers).
- How much “bytes” were sent through AG VPN (billing purposes).
- What AG VPN apps were used (billing purposes, enforcing 10 devices limitation).
Tbh, I don’t know what Proton gathers so can’t compare.
Done.
4 Likes
Ok I understand the whole login location argument you put forward. However, is it absolutely necessary to save ALL logins? If it’s to react to unusual login attempts, maybe recent 2 or 3 or even last “suspicious” login that’s not resolved as “safe” should stay. But keeping ALL historical logins ever even if it’s just ISP - is it really necessary? From GDPR or minimal info point of view. This is genuine query as I don’t see what functionality gain there is for a company. I see why Reddit wants to keep my IP or ISP details but even that gets deleted 1 or 3 months later…
Also can you please clarify if the usage “bytes” is recorded for both free AND premium? Reading privacy policy it suggested to me that you do that only for free accounts.
1 Like
Thanks for all the comments!
You’re right, it’s not really necessary, I’ll check if we can simply drop the ISP information from old records.
UPD: Maybe it’d be easier to drop the old record completely, we’ll check that.
Hmm, I’ve checked the wording and it’s not correct, we also need it for premium to cover for two cases: when the subscription expires or refunded, to prevent service abuse (never used that one, but still).
We’ll correct the wording to make the following points clear:
- We save the number of bytes that was used by any AG VPN account.
- This information is used for the following purposes: billing (free accounts and enforcing limits on expiring premium accounts), preventing service abuse.
- This information is not linked to the specific location that was used, we only know the number of bytes, period.
- It is stored for 90 days.
1 Like
Couldn’t Cyprus LE force you to log “User A” traffic ? Do Cyprus law guarantees against such orders ?
Thanks for taking incredible amount of time on this forum to check this thread AND reply. Respect.
It’s nice to see you taking on board suggestions too. Looking forward to new iterations of policy and compact user data on next download 
You mentioned even for Pro accounts you record bytes used. I might be wrong but the download from account doesn’t show this info anywhere. If it’s logged as “user data” should the download push this info too, unless user hasn’t logged in for last 90 days? I can’t find it anywhere.
Feature request plug - if server can’t find internet so disconnects or disconnects for any reason, a push notification to say “VPN absent”? Easy to implement? Guess not, as no internet access to send a push.
Last suggestion/query - promise (I think!) … any chance that data download can be parsed in readable txt or html format? It shows ok on Windows but not on mobile devices. It’s not a biggie but … makes user accessible and more complaint to GDPR and Cali laws.
Deep packet inspection is generally implemented at the application layer of the OSI model, so shadowsocks for example, which is implemented at the network layer, can be very effective at circumventing DPI. This, however, doesn’t mean that different implementations of DPI e.g., implemented at the gateway layer vs. access layer, can’t be used for correlating internet usage and patterns to specific users.
edit: grammar
Thanks for really useful suggestions! I must admit that this forum (unlike many “social” platforms) is very high quality, people actually do the deep research and thus the feedback is on point.
Last time I checked they were there, the names are “received_bytes” and “transferred_bytes”.
iOS or Android?
It’s actually rather complicated. What I can say for sure is that we’ll make the download an archive and split data into general/ad blocker/vpn/dns there, it should help a little.
Hey, Andrey, asking here directly as you seem to be quite active. Could we expect an AdGuard app for Linux like in windows and macOS? If so, you will be the actual competitor to Safing’s Portmaster.
I am actually hoping to have one. Because, I am planning to move away from uBO and fully rely on AdGuard for my DNS and ad blocking needs but no desktop app for Linux seems like a bummer because it could act like a firewall as in Android and other OSes.
Thanks Andrey! Very kind. I’m glad you found this thread useful and what started as a thread with skepticism about AdGuard VPN has actually built into a good dialogue on how AdGuard is committed to privacy. I’m sure many on this forum will find your responses reassuring.
In terms for push notifications, I meant more for iOS as the “VPN connected” status is hidden away so needs more than just a glance to know if accidentally drop occurred. For Android it’s easy in most phones to spot VPN connectivity indicator when using the phone.
Yes, and pretty soon, we already have an MVP version internally.
But there’s a big BUT: for Linux it will be a purely console version, no GUI, just the console interface.
2 Likes
Btw, this is live, data export is now an archive with several files inside, should be easier to navigate.
It’s not a plain text, but since it’s a JSON file, you can use a tool like this one to make it easier to read.
But for iOS we have “kill switch” mode enabled by default so if the connection is dropped it’s hard to miss, the Internet will stop working. If it is not enabled in your case, we’d better address this first.
Oh, great.
Would like to know the complexities behind no GUI being available. I guess its CLI because of initial release. Hey about pairing it up with AdGuard Home DNS UI ?
If the CLI version is a Terminal UI. I think it would be sufficient till GUI is available.
Maybe, we’ll see how it goes.
Exactly.