- Surfshark has stopped collecting your malware-related data
- Any malware statistics collected will be completely anonymized
- The change follows a TechRadar investigation
Surfshark just got even more private. As of today, the company has stopped collecting malware-related data from users of its antivirus software.
This shift in data retention is a response to a TechRadar study that questioned the necessity of a detailed antivirus “paper trail” linked to users.
A Surfshark spokesperson confirmed to TechRadar that any malware statistics collected will now be completely anonymized. This marks a significant privacy win for users of one of the best VPNs on the market.
The article continues below
How TechRadar pushed Surfshark to rethink its antivirus approach
We recently conducted a “Right of Access” test where we asked 10 of the most well-known VPNs for the data they had on us.
While most providers fell short of our expectations, Surfshark excelled, delivering a comprehensive PDF report in just a few hours.
However, the increased transparency revealed a surprising irony. The report was extremely detailed, detailing payment history, account IDs, and a specific log of malware blocked by Surfshark’s antivirus tool.
The antivirus logs were particularly striking. The data included specific malware names found on a user’s machine, the device ID, and the user’s country-level location at the time of detection.
While this retention was consistent with Surfshark’s existing privacy policy, we questioned whether a centralized database was truly compatible with a privacy-first model.
When we presented these concerns to Surfshark, the team initially defended the practice as a useful feature for families monitoring multiple devices.
However, within 48 hours the company reversed its position. Surfshark has now committed to removing all personal identifiers from antivirus logs.
Why it matters
Data minimization is a cornerstone of modern privacy regulation and should be the north star for companies built on digital anonymity.
As major data breaches become more and more common, the best defense is simply not having identifiable data in the first place.
By removing these logs, Surfshark has raised the bar for the industry, proving that privacy practices should be evolving strategies. We are pleased that our investigative work could facilitate a tangible improvement in user security.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
