Restructure privacy documentation for clarity

- Simplified FAQ entry to be concise with link to README for details
- Added comprehensive Privacy and Logging section to README
- Clarified what IS logged by default vs what is not
- Explained two separate privacy settings (strongswan_log_level and privacy_enhancements_enabled)
- Added clear debugging instructions (need to change both settings)
- Removed confusing language about "enabling additional features"
- Made documentation more natural and less AI-generated sounding

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

README.md

@@ -175,6 +175,33 @@ To add or remove users, first edit the `users` list in your `config.cfg` file. A
 
 After the process completes, new configuration files will be generated in the `configs` directory for any new users. The Algo VPN server will be updated to contain only the users listed in the `config.cfg` file. Removed users will no longer be able to connect, and new users will have fresh certificates and configuration files ready for use.
 
+## Privacy and Logging
+
+Algo takes a pragmatic approach to privacy. By default, we minimize logging while maintaining enough information for security and troubleshooting.
+
+What IS logged by default:
+* System security events (failed SSH attempts, firewall blocks, system updates)
+* Kernel messages and boot diagnostics (with reduced verbosity)
+* WireGuard client state (visible via `sudo wg` - shows last endpoint and handshake time)
+* Basic service status (service starts/stops/errors)
+* All logs automatically rotate and delete after 7 days
+
+Privacy is controlled by two main settings in `config.cfg`:
+* `strongswan_log_level: -1` - Controls StrongSwan connection logging (-1 = disabled, 2 = debug)
+* `privacy_enhancements_enabled: true` - Master switch for log rotation, history clearing, log filtering, and cleanup
+
+To enable full debugging when troubleshooting, set both `strongswan_log_level: 2` and `privacy_enhancements_enabled: false`. This will capture detailed connection logs and disable all privacy features. Remember to revert these changes after debugging.
+
+After deployment, verify your privacy settings:
+```bash
+ssh -F configs/<server_ip>/ssh_config <hostname>
+sudo /usr/local/bin/privacy-monitor.sh
+```
+
+Perfect privacy is impossible with any VPN solution. Your cloud provider sees and logs network traffic metadata regardless of your server configuration. And of course, your ISP knows you're connecting to a VPN server, even if they can't see what you're doing through it.
+
+For the highest level of privacy, treat your Algo servers as disposable. Spin up a new instance when you need it, use it for your specific purpose, then destroy it completely. The ephemeral nature of cloud infrastructure can be a privacy feature if you use it intentionally.
+
 ## Additional Documentation
 * [FAQ](docs/faq.md)
 * [Troubleshooting](docs/troubleshooting.md)

docs/faq.md

@@ -62,34 +62,7 @@ You can temporarily disable DNS filtering for all IPsec clients at once with the
 
 ## Does Algo support zero logging?
 
-Algo was not originally designed for zero-logging, but recent updates have introduced privacy enhancements to significantly reduce the logging footprint. Here's what you need to know:
-
-**Recent Privacy Enhancements:**
-* **StrongSwan logging disabled by default** - Connection logs no longer record who connects, when, or from which IP
-* **DNSCrypt syslog disabled** - DNS queries are not logged to system logs
-* **Sensitive data protection** - All passwords, keys, and credentials are now hidden from Ansible logs
-* **Aggressive log rotation** - Logs are automatically rotated and deleted after 7 days
-* **Optional privacy features** - Bash history clearing, VPN log filtering, and more
-
-**What May Still Be Logged:**
-* System errors and security events (failed authentications, system updates)
-* SSH administrative access for server management
-* Cloud provider logs and metadata (outside Algo's control)
-* Kernel messages and system diagnostics needed for troubleshooting
-
-**How to Maximize Privacy:**
-* Keep the default privacy settings enabled in `config.cfg`
-* Use the privacy monitoring script: `sudo /usr/local/bin/privacy-monitor.sh`
-* Deploy on ephemeral cloud instances that can be destroyed when needed
-* Review the privacy settings in `config.cfg` for additional options
-
-**Important Limitations:**
-* WireGuard inherently shows last endpoint and handshake time via `sudo wg`
-* Cloud providers maintain their own logs and traffic metadata
-* Your ISP and destination websites can still observe traffic patterns
-* Complete zero-logging may make troubleshooting difficult
-
-The privacy enhancements are enabled by default but can be disabled if you need more detailed logging for debugging. See the `privacy_enhancements_enabled` setting in `config.cfg`.
+Yes, Algo includes privacy enhancements that minimize logging by default. StrongSwan connection logging is disabled, DNSCrypt syslog is turned off, and logs are automatically rotated after 7 days. However, some system-level logging remains for security and troubleshooting purposes. For detailed privacy configuration and limitations, see the [Privacy and Logging](#privacy-and-logging) section in the README.
 
 ## Wasn't IPSEC backdoored by the US government?