A few days ago, VPN industry sharks felt blood in the water: NordVPN had been named in a lawsuit about data-mining technology. Like summer rain, unstoried Twitter and Reddit accounts began spamming frothy declarations, rejoicing at the chance to blemish the industry leader’s solid reputation. As the pitchforks gathered, ‘Is there something to this?’ quickly became an afterthought. Well, we’re as partial to a bit of drama as the next guy – when there’s reason for it.
In this case though, the lawsuit only mentions NordVPN to illustrate an unrelated point. And neither is the VPN listed among the pieces of software implicated in this supposed ‘data-mining scandal’. So, let’s take our time to untangle this mess, shall we?
The Lawsuit and the technology
The legal document in question was filed by Luminati Networks Ltd. (a $200 million stake in which, by the way, was bought by EMK Capital) at the Eastern District Court of Texas, known in some circles as the “Patent Troll Court”. Basically speaking, this district gained a reputation for its local patent rules that have made it particularly easy for patent owners to sue and win money, often regardless of the strength of their case. The lawsuit alleges that OxyLabs, one of the companies owned by the Lithuanian corporation UAB Tesonet, is infringing upon Luminati’s patents. What does NordVPN have to do with all this? Well, Luminati Networks Ltd. was once known as Hola (of Hola VPN fame) and has previously had some business with Tesonet in relation to NordVPN – allegedly the Lithuanian corporation’s product.
The lawsuit alleges that OxyLabs, one of the companies owned by the Lithuanian corporation UAB Tesonet, is infringing upon Luminati’s patents.
If the link sounds tenuous, that’s because it is. Aside from the fact that representatives of Luminati and Tesonet know each other due to NordVPN, the lawsuit offers no pertinent facts about the VPN service. The real reason why many have taken this opportunity to question NordVPN is the patented technology.
Some will remember that Hola VPN once caught a lot of flack when it came to light that their service sells users’ idle bandwidth to third-parties. Simply put, if you’ve got Hola VPN on your computer and are not doing anything with it, your internet connection is instead being used by nameless third parties. They probably would’ve gotten away with it too, if it weren’t for those meddling hackers who used said bandwidth to launch a botnet attack on 8chan.
Well, Luminati’s patents refer to the technology that allowed this to happen. What it essentially does is it uses code injected in some unrelated software to turn your home computer into a “residential proxy” that stands at the whim of data miners who would use it to scrape the net. Needless to say, this isn’t exactly what we expect of a top-notch privacy/security tool like NordVPN. The only issue is this has very little to do with NordVPN.
Corporations, companies, and TL;DR
The company that, allegedly, stands in violation of Luminati’s patents is OxyLabs. According to the lawsuit, OxyLabs is part of Tesonet – a large Lithuanian corporation that works with a wide range of businesses around the world, and offers many different types of services. One such business/service happens to be the Panama-based NordVPN. So what kind of a relationship is there between OxyLabs and NordVPN? Seems like our relationship with that one dude we sometimes say hello to, purely due to having seen him around.
Yet the gist of what all these scaremongers and social media trolls are saying goes well beyond facts and straight into the realm of the absurd. Is this OxyLabs botnet code injected by NordVPN? We can neither confirm nor deny, eh?
In actuality, it isn’t very difficult to check whether NordVPN is doing some shady stuff on your system – just check what requests it’s sending. However, even short of checking, we just need to look at the lawsuit – it lists some apps that allegedly contain the code:
“Upon information and belief, the above OxyLabs embedded code has been integrated in at least the following software applications that may be downloaded by any user located anywhere having Internet access: AppAspect Technologies’ “EMI Calculator” and “Automatic Call Recorder”; Birrastorming Ideas, S.L’s “IPTV Manager for VL;” CC Soft’s “Followers Tool for Instagram;” Glidesoft Technologies’ “Route Finder;” ImaTechInnovations’ “3D Wallpaper Parallax 2018;” and Softmate a/k/a Toolbarstudio Inc.’s “AppGeyser” and “Toolbarstudio.”
Call us crazy, but we think NordVPN would top that list if there was any proof the software was liable. Even the plaintiff makes no such allegation! But we didn’t take their word for it – they are patent trolls, after all. Instead, we checked the NordVPN app using tcpdump (which is Freely available to readers of this article) and found no suspicious requests whatsoever.
NordVPN’s Terms of Service state the following:
Every competitor will have looked for ways to attack such tall claims, but not many have succeeded. For the time being, this seems no different.
Is it all fine and dandy then?
NordVPN comes just as recommended today as it did a month ago. It’s a stellar product with very little going against it.
With all that said, ‘dandy’ may be overstating it a little. As fans of ethics in the online sphere, we’d like there to be absolutely no way for us to put the words “NordVPN” and “data mining” in the same sentence. As it stands now, it would seem there is some sort of link between these companies, no matter how insignificant. Therefore, it’s nice to hear that NordVPN have decided to hire an independent company to carry out an independent audit of their service. We’ll be waiting for the results!