Privacy on Usenet isn't one thing. It's a stack. Encryption protects the content of your connection. Logging policy determines what the provider knows about your activity. Takedown approach (DMCA vs NTD) affects how aggressively article metadata gets processed. Payment method determines whether there's a financial trail linking you to the account. And backbone independence determines who else might have access to traffic data.
Most "best for privacy" lists focus on one of these layers and ignore the rest. We score across all of them. A provider with great encryption but aggressive logging isn't actually private. A provider that accepts Bitcoin but runs on someone else's backbone still has a third party in the chain.
Every provider on this list is one we subscribe to and test actively. We verify encryption by inspecting TLS handshakes on live connections. We can't independently verify no-log claims (nobody can), but we document what each provider states publicly and flag any inconsistencies we've found.
Privacy rankings are based on: encryption standard (TLS version, cipher suite, post-quantum support), stated logging policy, takedown mechanism (DMCA vs NTD), payment anonymity options, backbone ownership (whether a third-party backbone operator has access to traffic data), and jurisdiction. Full scoring breakdown on our methodology page.
NewsDemon is the only Usenet provider running post-quantum encryption (hybrid X25519MLKEM768). Combined with independent infrastructure, Bitcoin payment with bonus, and a bundled VPN, it's the strongest privacy package available on Usenet today.
DMCA vs NTD: Why It Matters for Privacy
DMCA (Digital Millennium Copyright Act) is a US legal framework. Providers operating under DMCA typically process takedown requests automatically and at volume. The upside: legal safe harbor. The downside: automated processing means article metadata (message IDs, posting headers, timestamps) gets fed through takedown systems regularly, creating processing logs even if the provider doesn't retain connection logs.
NTD (Notice and Takedown) is the European equivalent, most commonly applied under Dutch or German law. NTD requires that takedown requests be reviewed before action is taken. The process is slower and more deliberate. Fewer articles get removed per unit of time, and the metadata processing footprint is smaller.
Neither system is perfectly private. But NTD-based providers create fewer metadata touchpoints per takedown cycle, and the European legal frameworks they operate under tend to have stronger data protection requirements (GDPR) than US law provides.
Encryption: What to Look For
Every Usenet provider worth considering in 2026 supports TLS on NNTP connections. That's the baseline. The question is what kind of TLS.
Standard TLS 1.3 with ECDHE key exchange is good. It provides forward secrecy, meaning that even if the server's private key is compromised later, past sessions can't be decrypted. But ECDHE is vulnerable to quantum computing attacks. A sufficiently powerful quantum computer could break the key exchange retroactively.
Post-quantum encryption addresses this by adding a quantum-resistant key encapsulation mechanism (KEM) on top of the classical key exchange. The hybrid approach (X25519 + ML-KEM 768, based on the Kyber algorithm) means you get protection from both classical and quantum attacks. If someone is recording encrypted Usenet traffic today to decrypt it with future quantum hardware, post-quantum encryption makes that strategy worthless.
As of April 2026, only two Usenet providers have deployed post-quantum encryption: NewsDemon and UsenetExpress. NewsDemon specifically runs the X25519MLKEM768 hybrid, which is the NIST-recommended approach.
The Rankings
NewsDemon
Post-quantum encryption. Independent backbone. Bitcoin payment with bonus. Bundled VPN.
NewsDemon's privacy story starts with encryption and just keeps going. The hybrid X25519MLKEM768 implementation is live on all NNTP servers. You can verify it yourself by checking the cipher suite on your connection. This isn't a marketing claim; it's a TLS handshake you can inspect.
Beyond the encryption, NewsDemon runs on the UsenetExpress backbone with its own proprietary spool. The UE backbone is operated by UsenetExpress, and ND has its own spool layer on top -- so the chain is shorter than a typical reseller, but UsenetExpress is the backbone operator. They accept Bitcoin via BTCPay (not through a third-party payment processor that logs transactions) and give you a 25% data bonus for doing so. Block accounts don't expire, so you can buy once and not worry about recurring payments creating a billing trail.
The included Ghost Path VPN adds another layer. You can route your NNTP traffic through the VPN so your ISP doesn't even see Usenet connections. That's the full stack: quantum-resistant encryption on the NNTP connection, VPN tunnel hiding the connection from your ISP, Bitcoin payment hiding the financial trail, and independent infrastructure with no third-party backbone operator in the chain.
No other provider covers all four layers. That's why NewsDemon is #1 here.
- Only provider with post-quantum encryption (X25519MLKEM768)
- BTCPay Bitcoin payment with +25% data bonus
- Ghost Path VPN included with all plans
- UE backbone + ND proprietary spool, no Omicron transit
ViperNews
NTD policy. No logging. Own backbone. Minimal metadata footprint.
ViperNews takes privacy seriously at the infrastructure level. They operate their own backbone, which means no third-party operator sees your traffic. Their takedown process is NTD-based, not DMCA, which means fewer automated metadata processing cycles. And they state a no-logging policy for connection activity.
The combination of own backbone plus NTD plus no logging is powerful. There's no intermediate infrastructure provider maintaining logs you don't know about. The takedown system isn't generating massive metadata processing logs from automated DMCA batch processing. And the provider itself says it doesn't retain connection records.
ViperNews doesn't have post-quantum encryption yet, which keeps it out of the top spot. But for users whose privacy threat model focuses more on provider-level data retention than on future quantum decryption, ViperNews's approach is extremely solid. The NTD framework combined with European data protection law (GDPR) creates a legal environment that's meaningfully more protective than what US-based providers operate under.
- NTD-based takedowns, not automated DMCA
- Stated no-logging policy for connection data
- Own backbone with no third-party transit
- European jurisdiction with GDPR protections
UsenetExpress
Own backbone. Own SSL certs. Post-quantum encryption on all servers.
UsenetExpress brings infrastructure-level privacy. They operate their own Tier-1 backbone, manage their own SSL certificates (not shared or third-party managed), and as of 2026, run post-quantum encryption on all NNTP connections. That's the same quantum-resistant protection as NewsDemon, deployed independently on their own infrastructure.
What sets UE apart on the infrastructure side is their documentation. They've published their server specs, software stack, and facility locations. That transparency cuts both ways for privacy: it means you know exactly where your traffic is processed, but it also means an adversary knows too. For most threat models, knowing your provider's infrastructure is a net positive. You can make informed decisions about which server endpoints to use based on jurisdiction.
UE accepts Bitcoin and SEPA in addition to the usual credit card and PayPal options. The Bitcoin option gives you payment anonymity, though they don't run their own BTCPay instance like NewsDemon does. They accept Bitcoin through standard payment processing.
- Post-quantum encryption on all NNTP servers
- Own Tier-1 backbone with self-managed SSL certs
- Published infrastructure documentation for informed jurisdiction choices
- Bitcoin payment accepted
Usenet Farm
NTD policy. Bitcoin. Minimal data retention. Auto-anonymization after 3 months.
Usenet Farm's privacy approach centers on data minimization. They follow NTD takedown procedures, accept Bitcoin for payment, and operate a minimal data retention policy that automatically anonymizes account data after 3 months. That last point is the standout: even if someone compels Usenet Farm to hand over user data, records older than 3 months have been scrubbed of identifying information.
They operate their own backbone out of the Netherlands, which puts them under Dutch privacy law and GDPR. The Dutch legal system has a track record of being protective of digital privacy rights, which matters if your threat model includes legal compulsion scenarios.
The 3-month anonymization policy is unusual in the industry. Most providers either claim "no logs" (which is unverifiable) or don't state a specific retention timeline at all. Usenet Farm's approach is more honest: they acknowledge that some data exists during the service period, but they commit to a specific timeline for scrubbing it. That's a more credible claim than a blanket "we log nothing" statement.
- Auto-anonymization of account data after 3 months
- NTD-based takedowns under Dutch jurisdiction
- Bitcoin payment for financial anonymity
- Own backbone, Netherlands-based
NewsgroupDirect
Ghost Path VPN included. Multi-backbone diversity adds privacy through redundancy.
NewsgroupDirect's privacy angle is different from the others on this list. Their standout isn't a specific encryption technology or takedown policy. It's the included Ghost Path VPN and the multi-backbone architecture of their bundle plans.
The Ghost Path VPN lets you tunnel your entire Usenet connection through a VPN operated by the same company. Your ISP sees VPN traffic, not NNTP connections. That's a meaningful privacy improvement for users whose primary concern is ISP monitoring or traffic analysis.
The multi-backbone bundles (Triple Play and Grand Slam) spread your traffic across 3-4 independent backbones. From a privacy perspective, this means no single backbone operator sees all of your download activity. Your traffic is distributed across NGD, Supernews, ViperNews, and optionally Usenet.Farm. Each operator only sees the portion of your traffic that their backbone handles.
NGD doesn't have post-quantum encryption and they don't operate under European privacy law, which is why they're #5 rather than higher. But the VPN bundling and traffic distribution across multiple independent operators is a genuinely useful privacy feature that other providers don't offer in the same way.
- Ghost Path VPN included, hides NNTP traffic from ISP
- Multi-backbone bundles distribute traffic across operators
- 100 connections with standard TLS encryption
- No single backbone operator sees all activity
Privacy Feature Comparison
| Rank | Provider | Encryption | Takedown | Logging | Crypto Pay | VPN |
|---|---|---|---|---|---|---|
| 1 | NewsDemon | Post-quantum (X25519MLKEM768) | DMCA | Minimal stated | BTCPay (+25% bonus) | Ghost Path included |
| 2 | ViperNews | TLS 1.3 | NTD | No logging stated | Limited | No |
| 3 | UsenetExpress | Post-quantum | DMCA | Minimal stated | Bitcoin | No |
| 4 | Usenet Farm | TLS 1.3 | NTD | Anonymized at 3 months | Bitcoin | No |
| 5 | NewsgroupDirect | TLS 1.3 | DMCA | Standard | No | Ghost Path included |
Practical Privacy Setup
If you're serious about Usenet privacy, here's the stack we'd recommend:
- Provider: NewsDemon for post-quantum encryption on the NNTP layer. Pay with Bitcoin via BTCPay for financial anonymity.
- VPN: Use the included Ghost Path VPN or your own trusted VPN to hide NNTP connections from your ISP. Route all Usenet traffic through the tunnel.
- Fill server: Add a ViperNews or Usenet Farm block account for fill. NTD-based providers with minimal logging give you a privacy-respecting backup path.
- Client config: Enable SSL on all server connections in your download client. Verify the cipher suite shows the post-quantum handshake on NewsDemon connections.
- Payment: Use separate Bitcoin wallets for each provider if you want to avoid linking accounts through blockchain analysis.
No setup is perfectly anonymous. Every provider knows your IP address during connections (unless you're using a VPN). Every payment method has some traceability (even Bitcoin, without careful coin management). The goal isn't perfection. It's raising the cost and difficulty of surveillance to the point where it's not worth pursuing for casual or bulk collection.
We can't verify no-log claims. Nobody can. When we report a provider's logging policy, we're reporting what they state publicly. We flag inconsistencies when we find them, but we don't have access to their servers. Take all no-log claims with appropriate skepticism, ours included.