VPN WebRTC Leaks and Logging Studies

Let's take a closer look at 2 recent studies about VPN WebRTC leaks and VPN logging policies. 

vpn webrtc leaks photo (fixing a leak)

Which VPNs are safe from WebRTC leaks and logging? 

Within a few days apart, two interesting studies about VPN services were released. 

Below, we give you a quick run down of these two studies and, in light of their results, then discuss how Cogipas’ recommended VPN services fared. 

VoidSec's Study of VPN WebRTC Leaks 

voicsec's logo

VoidSec is a trusted source of Internet security information.

The first was an analysis by independent security expert “VoidSec” about which VPN services suffered from WebRTC leaks. VoidSec is the tagline and domain of well-respected security researcher, Paolo Stagno (source).

This study revealed that 23% of VPNs tested leaked the IP addresses of users via WebRTC. The results were somewhat shocking given that the vulnerability has been known for many years.

Here’s VoidSec’s VPN WebRTC leak study in full and its accompanying data spreadsheet.

In contrast the second study we’ll look at below, VoidSec speaks with authority and the VPN community should stand up and take notice of these results.

You can test your VPN service yourself at https://ip.voidsec.com/ and report the results to VoidSec (instructions how to do so are in the data spreadsheet linked above).

Web Browsers at Risk for WebRTC Leaks

The VoidSec study also sets out the default WebRTC settings for most major web browsers.

screenshot of VoidSec WebRTC leaks data table

VoidSec's list of WebRTC leaking web browsers

As you can see above, VoidSec found the following browsers that have WebRTC enabled by default (a bad thing when using a VPN):

  • Brave
  • Mozilla Firefox
  • Google Chrome
  • Google Chrome on Android
  • Internet (Samsung Browser)
  • Opera
  • Vival

How To Stop Webrtc Leaks

If you use one of the browsers above - after all, Chrome is the most popular web browser - plug any risk of WebRTC leaks by using a browser plugin that blocks WebRTC.

For example, use the WebRTC Leak Prevent plugin for Chrome. Other plugins and add-ons are available for other web browsers.

TheBestVPN's Study of VPN Logging Policies

The second study was an analysis by an “independent” VPN review site about the Privacy Policies of over 115 VPN services. They found that 23% of VPN services collect 3 or more important log files which are deeply hidden in their privacy policy.

We place “independent” in quotes because a tiny footnote on their website reveals that, “Earnings disclosure: We are affiliated with some of the VPN services listed on this site”. Plus, the website seems perhaps to be passing off on BestVPN.com’s well-earned good name.

The analysis is interesting but smacks more of a publicity stunt for their own reviews because the analysis page is chock full of links to their VPN reviews (the ones generating commissions for them).

Plus, there is this bizarre statement by TheBestVPN which seems to expressly condone illegal behaviour while using a VPN, “Bottom line, if you aren’t doing anything illegal, you should be fine. But what’s the point of having a VPN anyway?” Not sure they cleared that one through their lawyers.

Lastly, the “study” they undertook was not at all robust. They basically took VPN privacy policies on their face and did not test the claims set out in privacy policies. Put bluntly, just because a VPN’s privacy policy says it doesn’t collect logs or customer data doesn’t makes the claim true.

We think ThatOnePrivacySite’s logging info on VPN services is a much better source of information than TheBestVPN “study”. Nevertheless.


In light of both of these studies, how did Cogipas’ recommended VPN services fare? Let’s take a look.

ExpressVPN WebRTC Leaks & Logging Policy

VoidSec’s test results concluded that ExpressVPN has no WebRTC leaks.

VoidSec found that ExpressVPN has no WebRTC leaks.

TheBestVPN found that ExpressVPN is a “strict no logging VPN service”. In other words, ExpressVPN earned the highest marks for its privacy and logging policy.

Both of these results reinforce why - among many other reasons - we consider ExpressVPN the best VPN.

IPVanish VPN WebRTC Leaks & Logging Policy

VoidSec gave IPVanish VPN the all-clear for WebRTC leaks.

IPVanish VPN was found safe from WebRTC leaks.

IPVanish also scored the highest marks for non-logging by TheBestVPN and it vouched for this statement in IPVanish’s Privacy Policy, “IPVanish does not collect or log any traffic or use of its Virtual Private Network service.

IPVanish is well-known for its excellent privacy protections and fast speeds.

Try it 7 days risk-free

Private Internet Access VPN WebRTC Leaks & Logging Policy

VoidSec found that Private Internet Access VPN (or PIA as it is known) does suffer from a partial WebRTC leak (it can expose your private LAN’s IP). That won’t affect most people, but it’s still good to know. To ensure no WebRTC leaks occur when using PIA, install a WebRTC blocking plugin with your browser.

Like 4 of 5 of our top recommended VPN services, TheBestVPN judged PIA VPN a “strict no logging VPN service”.

We consider PIA VPN a good VPN, especially for torrent file-sharing, given its fast speeds, non-logging policy and the industry’s lowest prices.

NordVPN WebRTC Leaks & Privacy Policy Results

VoidSec found that NordVPN has WebRTC leaks. As with PIA above, address this blocking WebRTC with a plugin for your browser.

Like ExpressVPN and PIA above, TheBestVPN also gave NordVPN the highest marks as a “strict no logging VPN service”.

PureVPN WebRTC Leaks & Logging Policy Results

VoiSec initially discovered WebRTC leaks, but PureVPN quickly plugged them. VoidSec now confirms that PureVPN has no WebRTC leaks.

VoidSec confirms that PureVPN has no WebRTC leaks.

In the VPN Privacy Policy study by TheBestVPN, PureVPN was found to be 1 of 26 VPN services keeping “3 or more alarming log files”. Ouch.

TheBestVPN criticized PureVPN for advertising itself as a “no logs” VPN service, yet keeping records of the following: Your name, Your email address, Your phone number, Your IP address, Bandwidth data and connection timestamps.

You might be thinking, “Well, why do you recommend PureVPN as the #5 best VPN service?

Here’s why. At the end of the day, PureVPN remains one of the biggest, best, least expensive and fastest VPN services out there.

We wouldn’t recommend that Edward Snowden use it. But for torrenting, streaming and geo-shifting purposes such as to watch Netflix abroad, PureVPN is perfectly fine especially for its attentive customer service and low prices.

The only evidence of PureVPN’s privacy policies coming back to haunt one of its customers was a true scumbag, an alleged serial cyberstalker in the USA (source1, source2 & source3). As long as you are not using PureVPN to illegally stalk and harrass people, we stand by it as the #5 best VPN service in our humble opinion, especially for newcomers to VPN services.

VPN WebRTC Leaks Wrap-Up

Bottom line?

Pay attention to the VoidSec study, but no so much the TheBestVPN study.

Be mindful of WebRTC leaks and either use a web browser that doesn’t enable WebRTC or use a WebRTC-blocking plugin for those web browser’s at risk, like Chrome for example, to eliminate the risk.







NordVPN best secure VPN service

• best VPN overall
• no-logs & P2P allowed
• 59 countries & 5,500 servers


save 72%

Try risk-free for 30 days


ExpressVPN best overall vpn service

• fastest VPN
• no-logs & allows torrenting  
• 94 countries & 3,000 servers


save 49%

Try risk-free for 30 days


Private Internet Access VPN best value VPN service

• cheap VPN
• zero-logs & torrent-friendly
• 77 countries & 17,000 servers


save 82%

Try risk-free for 30 days

Click Here to Leave a Comment Below 0 comments