VPN providers go head-to-head

TorGuard is suing rival VPN provider NordVPN over allegations of blackmail and a distributed denial-of-service (DDoS) attack.

In a filing made to the district court of Orlando, Florida, last month, representatives of TorGuard have accused NordVPN of threatening to release sensitive information about the company unless a product reviewer alleged to be associated with the claimant ceased posting about NordVPN.

TorGuard alleges in the formal complaint (PDF) that NordVPN obtained the information via Collective 7, a web hosting company alleged to have direct ties to NordVPN, which had previously provided services to the complainant.

It claims that NordVPN then threatened to release “confidential and trade secret information” unless a YouTuber called Tom Sparks – who is reportedly connected to TorGuard – stopped posting negative reviews online.

TorGuard alleges that one of its contractors was visited at their home by an “unknown individual” asking questions about their work.

“Within an hour of this in-person and unannounced visit, the same TorGuard contractor received unsolicited correspondence from an employee at NordVPN,” the filing reads.

“This correspondence stated that NordVPN had received certain of TorGuard’s confidential and trade secret information and requested to set up an instant message chat to discuss this with TorGuard.”

NordVPN allegedly informed TorGuard of the data it possessed, and asked for a “gentleman’s agreement”, stating that it won’t be published if the negative reviews stop.

TorGuard, based in Florida, also claims that NordVPN was behind a DDoS attack against its systems on Black Friday, which resulted in service downtime.

“As a result of the website outages caused by the DDoS attack, TorGuard’s business relationships with its clients and potential clients have been negatively affected and TorGuard has suffered significant losses,” the lawsuit reads.

TorGuard is seeking $75,000 from NordVPN and Collective 7 in relation to the allegations, on three counts: violation of the Florida Computer Abuse and Data Recovery Act, violation of the Florida Uniform Trade Secrets Act, and “tortious interference” with TorGuard’s business relationships.

NordVPN refutes the allegations, and published a lengthy blog post in which it claims that the accusations are “fabricated”.

The company says it “received information” that a TorGuard server configuration file was left open on the internet, and informed the complainant so that it could be patched.

It also accused TorGuard of conducting a “year-long baseless defamation campaign” against NordVPN.

The blog post reads: “We aimed to do the right thing in the right way and to compete honestly without damaging the industry, which is why we were so shocked by the response.

“We will immediately move to dismiss TorGuard’s libelous lawsuit, but as long as we’re on the topic: filing false and malicious lawsuits and publishing false and misleading information is against the law.”

NordVPN added that it will be filing its own lawsuit on the grounds of defamation and libel.

Ongoing case

Neither company has so far released any evidence to back up their claims, but both have confirmed that the case is ongoing.

NordVPN told The Daily Swig that it is “still working things out” with its lawyers, and referred us back to its blog post.

The vice president of TorGuard, Benjamin Van Pelt, told The Daily Swig: “TorGuard has requested through our counsel that NordVPN accept service of process of the complaint and summons.

“We look forward to proceeding in the litigation to prove the truth of our allegations.”