Hot Take ExpressVPN privacy and server technology gets the OK from two new independent audits


Level 8
Thread author
Jul 21, 2017

ExpressVPN says its privacy policy and core server technology have been validated in two new independent audits from KPMG and Cure53.

The independent auditors from KPMG performed testing on ExpressVPN's controls framework and interviewed its team members in order to check on the processes, systems, and controls to ensure its VPN servers were in compliance with its privacy policy.

The audit, which was conducted under the International Standard on Assurance Engagements (ISAE) (UK) 3000 Type 1, included testing ExpressVPN's policy of not collecting activity logs or connection logs, and that TrustedServer technology operates as it describes.


Level 19
Top Poster
Jan 21, 2018
I'm not having a pop at this post, it is good to be made aware of this audit, but the following points came to mind after I'd read it.

Is this audit a possible attempt by Kape Technologies to improve their reputation?

I don't know anything about KPMGs abilities to audit tech businesses, but here in the UK they have a pretty poor reputation for financial auditing, which I believe was part of their original business market. Central government out-sourcing businesses, major banks and Rolls-Royce audit failures all led to quite substantial fines. Some reports suggested that there was a certain amount of dodgy dealing involved. KPMG have been placed under a higher level of scrutiny than had been the norm. KPMG is not the only large auditing business to have faced similar criticisms of its standards.
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.