> What could they possibly want with the data of a group of people who are by construction not spending money on a VPN? They'd be storing it at a loss.

This is the exact point where our conclusions diverge.

Why are they sending themselves so much "useless" data-intensive logs by default, from their non-paying clients that accounts for roughly ~95% of the userbase and from a profitable business perspective, largely ineligible for troubleshooting support? For me, the only logical conclusion is that the data is valuable to them.

As someone who also cares about privacy, hear are a few things that IMO suggest that free customers' logs are a part of their business model:

* Their documentation has plenty of references to security, but no references to privacy outside of the privacy policy.

* They have all but eliminated any revenue stream from average user when they made an unsolicted announcement that they upgraded their free plan to allow 100 devices and 5 users.

* The content they sponsor for marketing/advertising seems targeted for consumers instead of networking professionals. I don't see Cisco and Palo Alto Networks sponsoring every Linux/self-hosting podcast or YouTube channels for example.

* Even the flag-name for turning off logging is mild deterrent based on what you will lose (`--no-support`) as opposed to being neutral '--no-logging' or truly descriptive like most FOSS companies that are not pushing an ulterior motive such as '--no-analytics'.

* logs cannot be disabled for phones

* In my experience, disabling logs was perhaps the only thing that was not configurable through the GUI

I'm into privacy and still relatively new on the networking scene thanks to setting up OpenWrt on my router. Am I correct that when tailscale updates/hijacked resolv.conf, subsequent DNS resolution is passed onto them on visited websites even when tailscale is not being used? No, they can't "read" your traffic, but if I understand things right, they know every website you visited and for how long, which is more than enough data for a rich marketing profile. That was my takeaway before I jumped ship for a self-hosted solution.

My understanding is that they have the holy grail of data because they are getting all of your LAN, WAN and mobile network traffic. I'm not aware of (m)any companies whose business model allows access to all three? It's like if your ISP and your Mobile Network had a baby on your local server, and that baby reports every website you visit.