docs: Move privacy documentation from README to FAQ

- Remove Privacy Considerations section from README
- Add expanded 'Does Algo support zero logging?' question to FAQ
- Better placement alongside existing logging/monitoring questions
- More detailed explanation of privacy features and limitations

README.md

@@ -25,34 +25,6 @@ Algo VPN is a set of Ansible scripts that simplify the setup of a personal WireG
 * Does not claim to provide anonymity or censorship avoidance
 * Does not claim to protect you from the [FSB](https://en.wikipedia.org/wiki/Federal_Security_Service), [MSS](https://en.wikipedia.org/wiki/Ministry_of_State_Security_(China)), [DGSE](https://en.wikipedia.org/wiki/Directorate-General_for_External_Security), or [FSM](https://en.wikipedia.org/wiki/Flying_Spaghetti_Monster)
 
-## Privacy Considerations
-
-Algo was originally designed with security and ease-of-use as primary goals, rather than zero-logging. Recent updates have introduced privacy enhancements as best-effort improvements, but users should understand the current limitations and trade-offs.
-
-**Privacy Enhancements in Recent Updates:**
-* Reduced default logging for VPN connections and authentication events
-* Minimized retention of connection metadata where practical
-* Improved log rotation and cleanup procedures
-
-**What May Still Be Logged:**
-* System-level logs for troubleshooting server issues
-* DNS query logs (if ad-blocking DNS resolver is enabled)
-* SSH access logs for administrative connections
-* Cloud provider metadata and billing logs (outside Algo's control)
-
-**Maximizing Privacy:**
-* Regularly review and clean `/var/log/` directories on your server
-* Consider disabling the DNS ad-blocking feature if DNS query privacy is a concern
-* Use ephemeral cloud instances that can be destroyed and recreated
-* Be aware that your cloud provider may maintain separate logs and metadata
-
-**Trade-offs:**
-* Reduced logging may make troubleshooting connection issues more difficult
-* Some diagnostic information needed for support requests may not be available
-* Cloud provider logs and metadata remain outside of Algo's control
-
-Remember that your cloud provider, ISP, and destination websites can still observe traffic patterns and metadata. Algo primarily protects the content of your traffic between your device and the VPN server.
-
 ## Deploy the Algo Server
 
 The easiest way to get an Algo server running is to run it on your local system or from [Google Cloud Shell](docs/deploy-from-cloudshell.md) and let it set up a _new_ virtual machine in the cloud for you.

docs/faq.md

@@ -10,6 +10,7 @@
 * [I deployed an Algo server. Can you update it with new features?](#i-deployed-an-algo-server-can-you-update-it-with-new-features)
 * [Where did the name "Algo" come from?](#where-did-the-name-algo-come-from)
 * [Can DNS filtering be disabled?](#can-dns-filtering-be-disabled)
+* [Does Algo support zero logging?](#does-algo-support-zero-logging)
 * [Wasn't IPSEC backdoored by the US government?](#wasnt-ipsec-backdoored-by-the-us-government)
 * [What inbound ports are used?](#what-inbound-ports-are-used)
 * [How do I monitor user activity?](#how-do-i-monitor-user-activity)
@@ -59,6 +60,37 @@ Algo is short for "Al Gore", the **V**ice **P**resident of **N**etworks everywhe
 
 You can temporarily disable DNS filtering for all IPsec clients at once with the following workaround: SSH to your Algo server (using the 'shell access' command printed upon a successful deployment), edit `/etc/ipsec.conf`, and change `rightdns=<random_ip>` to `rightdns=8.8.8.8`. Then run `sudo systemctl restart strongswan`. DNS filtering for WireGuard clients has to be disabled on each client device separately by modifying the settings in the app, or by directly modifying the `DNS` setting on the `clientname.conf` file. If all else fails, we recommend deploying a new Algo server without the adblocking feature enabled.
 
+## Does Algo support zero logging?
+
+Algo was not originally designed for zero-logging, but recent updates have introduced privacy enhancements to significantly reduce the logging footprint. Here's what you need to know:
+
+**Recent Privacy Enhancements:**
+* **StrongSwan logging disabled by default** - Connection logs no longer record who connects, when, or from which IP
+* **DNSCrypt syslog disabled** - DNS queries are not logged to system logs
+* **Sensitive data protection** - All passwords, keys, and credentials are now hidden from Ansible logs
+* **Aggressive log rotation** - Logs are automatically rotated and deleted after 7 days
+* **Optional privacy features** - Bash history clearing, VPN log filtering, and more
+
+**What May Still Be Logged:**
+* System errors and security events (failed authentications, system updates)
+* SSH administrative access for server management
+* Cloud provider logs and metadata (outside Algo's control)
+* Kernel messages and system diagnostics needed for troubleshooting
+
+**How to Maximize Privacy:**
+* Keep the default privacy settings enabled in `config.cfg`
+* Use the privacy monitoring script: `sudo /usr/local/bin/privacy-monitor.sh`
+* Deploy on ephemeral cloud instances that can be destroyed when needed
+* Review the privacy settings in `config.cfg` for additional options
+
+**Important Limitations:**
+* WireGuard inherently shows last endpoint and handshake time via `sudo wg`
+* Cloud providers maintain their own logs and traffic metadata
+* Your ISP and destination websites can still observe traffic patterns
+* Complete zero-logging may make troubleshooting difficult
+
+The privacy enhancements are enabled by default but can be disabled if you need more detailed logging for debugging. See the `privacy_enhancements_enabled` setting in `config.cfg`.
+
 ## Wasn't IPSEC backdoored by the US government?
 
 No.