You clearly haven’t done a lot of research then. Lots of VPNs have no logs policies, those VPN providers have been audited, and their claims of no logs hold up.
Take Proton VPN for example. They’re based in Switzerland. According to Swiss law, If you collect data, you must justify it, protect it, and be transparent about it. Proton wouldn’t risk their entire business on the assumption that they won’t be caught lying. Why do you think so many companies set up their headquarters in Switzerland?
You’re right about one thing. You still have to trust someone. A VPN doesn’t eliminate trust, it shifts it from your ISP to the provider.
The difference is that reputable VPNs are audited, operate under stricter legal frameworks, and have a business model built on not logging user activity. That’s a very different risk profile than “you can’t trust any of them.”
Think of it like this:
Your ISP is a glass car. A bad VPN is tinted windows. A good audited VPN is an armored vehicle.
A tank could still destroy it, but you’re no longer an easy target.
A lot of people exaggerate what VPNs actually do. They’re not magic, but they’re also not useless. They reduce risk, which is the entire point.