One of the largest providers of VPNs (short for Virtual Private Networks) in the U.S., AnchorFree, recently published the transparency report for the current year, 2017. This report details all the legal pathways that governmental authorities used for requesting client data in each country. What is remarkable about this particular instance is the amount of legal requests filed by the United States to the company – out of a total of 81, 63 originated Stateside.
To put this in perspective, France comes in second with a meagre 7 requests. Despite its U.S. origins, the 600mil clients of Hotspot Shield owners AnchorFree mainly come from other states. Subpoenas are the legal request most frequently filed against the firm. AnchorFree defines these acts as legal methods for authorized governmental officials to demand information within certain limits about the provider’s client base.
This process permits agencies affiliated to the government to request data from AnchorFree such as time registered with the service, email addresses, phone numbers, dates of birth, or names.
Spanning this past year, the VPN provider has also been served with what is known as search warrants. Four in number, this type of act is granted by a legal official, such as a magistrate or a judge, and authorizes law enforcement bodies to enter private servers owned by the firm. AnchorFree has also been served with a court order this year, according to the transparency report.
Another number that oddly stands out from the yearly analysis is 38 – the amount of requests that the company has placed in the “Other” category; it is also the number of subpoenas more formal in nature that the company has been served with, which generally includes items such as request formularies, demands, and addressed documents from foreign countries, the majority of which U.S. law does not validate or recognize.
Nonetheless, considering that it is the company policy of AnchorFree not to correlate user data with an IP address, there is no sensitive information that it could possibly divulge. Even so, the situation around the transparency report serves to show the monstrous amount of scrutinizing that providers of VPNs are subject to. Moreover, it is troublingly similar to the situations of other such firms that have to issue yearly transparency reports, such as that of CyberGhost.