CyberGhost VPN’s Quarterly Transparency Report

Three more months have passed, and now it’s time for another chapter in our Transparency Report story. We have a long history of publishing these reports, and now we’re due another edition.

In this Transparency Report, we’ll outline the number of legal requests we received in April, May, and June 2022. We’ll break down these requests by category, and compare the numbers to our previous edition. We want our Ghosties to easily review and compare data, so you can have a clear overview of the measures we take to protect your data.

Let’s start at the beginning.

Legal Requests – Q2 Edition


In the past three months we received 148,553 total requests from various institutions and organizations. As usual, we’ll be splitting that number up into 3 main categories:

          • Digital Millennium Copyright Act (DMCA) complaints 
          • Malicious activity flags
          • Police requests

A breakdown of those numbers looks like this.

DMCA Complaints46,83249,54347,432
Malicious Activity Flags2,2251,3271,174
Police Requests659

Compared to our Q1 report, we notice a 57% increase in legal requests. That said, this increase changes nothing for us. We abide by a strict No Logs policy. We don’t monitor, collect, or store any of your data. We run RAM-only servers which our team designed to never store information. Whenever we receive a legal request, we simply inform the relevant authorities that we have nothing to share and can’t comply.

Since we’re based in Romania, we’re not required by law to store user data. Our privacy-friendly laws are what enable us to deliver a safe and private VPN solution.

Let’s unpack those numbers, and have an in-depth look over each category.

DMCA Complaints


DMCA stands for Digital Millennium Copyright Act, known colloquially as the copyright law. It protects intellectual property and it’s why we receive complaints from various entertainment companies and copyright holders. They notify us when they see one of our IP addresses being used to distribute copyrighted material. This can include anything from movies to books to video games.


As usual, DMCA complaints make up the biggest segment of overall requests. This time they make 96% which seems like a slight decrease from the previous 99%. That said, we can notice a 53% increase in overall DMCA complaints if we take last quarter’s 93,804 complaints into account. 

We notice a steady increase in DMCA complaints that culminate in May.

In 2021, DMCA complaints peaked in May as well.

Malicious Activity Flags


We receive malicious activity flags when authorities or domain owners report that one of our IP addresses was used for cyber attacks. These attacks include DDoS attacks, MitM attacks, suspicious login attempts, botnet attacks, automated spam, and other types of scams.


Malicious activity flags make up 3% of all requests we received this past quarter. Compared to our previous edition with 0.6% it might not seem like much of a difference, but the numbers increased by almost 600%. This is what a visual representation of the sudden increase would look like.

We noticed a similar trend in our 2021’s Q2 report with the same sudden uptake in malicious activity flags starting in April. Due to our strict No Logs policy, we don’t have any data that could explain this phenomenon. 

Police Requests


We receive police requests from various law enforcement agencies around the world. Whenever a criminal investigation leads authorities to one of our IP addresses, they notify the data centers where we store our servers. The data centers then forward the request to us.

Usually, these requests solicit information to aid in the investigation. This typically includes IP addresses, browsing, or account usernames.

Due to our strict No Logs policy, we don’t monitor or collect any such data, so we have no information to share. We inform the authorities that we can’t comply with these requests.


Police requests made up just 1% of all requests we received, but they more than doubled compared to the previous quarter. We can notice a whopping increase from 9 to 20 requests. A monthly breakdown puts April in the lead.

A year ago, we only received 9 requests in our Q2 report. This marks a considerable increase.

We’ve Taken Steps to Protect Our Ghosties in India

The biggest challenge we’ve faced these past three months is India’s No. 20(3)/2022-CERT-in directive. Dubbed as a data collection rule, this directive was issued Apr 28, 2022 and mandated VPN providers collect user data as long as they have servers in India. Indian authorities claimed this data would only be used in the event of cyber incidents and cybersecurity events.

This directive however directly contradicts our No Logs policy. We would never compromise our stance on privacy, so we didn’t have a choice. We pulled our VPN servers out of India.

We didn’t want to leave our Ghosties stranded though. We set up virtual server locations that operate the same as our Indian servers did. You’ll get an Indian IP address, unbeatable 256-bit AES encryption, and data protection backed by our No Logs policy. 

In terms of performance, our Indian virtual server locations perform just as well. Expect fast, buffer-free, and reliable connections. In fact, there’s no discernible difference in how many Ghosties connect to our Indian servers.

We notice an average of 600 daily connections, and this trend appears to be going steady. 

CyberGhost VPN was built to combat all attempts at limiting internet freedom, and now we’re giving everyone in India the chance to regain their online privacy.

Our Fight for Digital Privacy Continues

Here at CyberGhost VPN we’re always committed to providing a more useful insight into the effort that goes into making the internet a safer place. Our quarterly Transparency Report editions are a testimony to that.

We were the first in the VPN industry to publish a Transparency Report, and it’s now become a beloved tradition for us. Aside from our quarterly transparency reports, we’re doing busy work in the background. 

We’re continuing to improve our network and apps, and make CyberGhost VPN the best service it can be. We’re currently focusing on buying more servers, and upgrading our fleet to 10 Gbps servers. We’re also looking to implement more features in our apps to give you full control over your private browsing experience.

Missed our previous reports? You can read our Q1 Transparency Report right here on the Privacy Hub. Or go further back in time and check out our yearly Transparency Reports where you can also take a sneak peek at key statistics about our infrastructure.

Until next time, stay safe and secure!

Leave a comment

World thank ghost


Thank you, Sudu. Glad to hear you enjoyed reading.

Write a comment

Your email address will not be published. Required fields are marked*