[ApolloFortyNine]

>b) they really don't store logs and have no idea which one of its thousands of users logged into his website with that IP.

>It seems in the latter case, even with a malicious VPN, it's one additional (maybe trivial step) to associate me. But it's still better than just using your own ISP. Isn't that why people use VPNs to avoid DMCA letters from their ISP?

I'm not sure how you made this jump. If the provider doesn't have logs, Bob can't find you. The end.

[daxorid]

No-log providers can still very likely be compelled to start logging by a combination of the All Writs Act and NSLs.

[pqdbr]

I also couldn't understand his reasoning here, and I'm surprised you're the only one that pointed this out in this thread.