HMA VPN No Logging Policy Verified by Cyber-Risk Consulting Firm VerSprite
HMA’s no-logging policy awarded low risk rating following independent Privacy Impact Assessment (PIA)
HMA VPN, the net neutrality and anti-censorship company, has been awarded a low risk user privacy impact rating for its no-logging policy following an independent review by cyber-risk consulting firm VerSprite. The assessment, which categorised risk level on a scale of low to critical, included analyses of data, traffic, and storage on both the client and server-side, and the disconnection of user identities with data containing information about online user activity. The introduction of the no-logging policy earlier this year and now the third-party audit forms part of a broader initiative by HMA to become a privacy champion for people around the world.
VerSprite’s technical PIA covered HMA clients for Android, iOS, Mac, and Windows, and ran from the installation process through the entire data flow of the in-scope endpoint applications. VerSprite applied a privacy-focused threat model to encompass manual assessment techniques aimed at identifying where privacy violation risks may be present within the HMA clients. The objective was to identify, report, and provide recommendations for any technical gaps related to HMA’s no-logging policy. This technical PIA follows other security penetration testing efforts by VerSprite on HMA VPN.
Recommended AI News: Michael Brozino Joins Maverick Medical AI as Co-Founder and Chief Commercial Officer
“For years, VerSprite’s Research & Offensive Security teams have found numerous zero day vulnerabilities and risks in VPN software,” said Tony UcedaVélez, CEO of VerSprite. “HMA relied on our offensive security team’s talents to focus more on privacy violations that could be present via the VPN client software. We worked to help validate the assurances made from the no-logging policy and helped them understand the nature of the risks identified so that they could improve the product’s overall privacy level.”
Recommended AI News: Involta Achieves Advanced Consulting Partner Status In The AWS Partner Network
“The introduction of the no-logging policy in May this year was phase one. This stamp of approval from VerSprite is phase two, and moving forwards we will be introducing new privacy features, connection protocols, and improvements to our infrastructure so we can better protect user privacy.”
HMA’s no-logging policy applies to HMA for Windows, Mac, Android, AndroidTV, iOS, and Linux.
Recommended AI News: Daily AI Roundup: The 5 Coolest Things On Earth Today