📎 Source Note: Transparency is essential in journalism. The facts and figures presented in this article are derived directly from the legal filings in this case. A copy of which can be found at the bottom of this article. We encourage readers to review the primary source document for themselves.

Corporate Greed Case Study: NordVPN & Its Impact on American Consumers

TL;DR Summary: A major class-action lawsuit alleges that NordVPN, a global leader in internet security, built its billion-dollar empire on a foundation of deception. The company is accused of trapping millions of American consumers in costly, auto-renewing subscriptions using a sophisticated web of “dark patterns,” including hidden terms, a deliberately confusing cancellation process, and unconventional charging practices. This case study explores the claims that NordVPN intentionally engineered its systems to profit from customer inertia and confusion, turning the promise of online security into a source of financial injury for the very people it claimed to protect.

Read on for a detailed breakdown of the alleged scheme, the corporate structure designed to obscure accountability, and how this case exemplifies the systemic failures of consumer protection in an era of unchecked profit maximization.

Introduction: The Promise of Security, The Reality of Deception

In the sprawling digital marketplace, where privacy is a commodity, NordVPN stands as a titan. It markets itself as a shield for the prudent consumer, a trusted tool offering “safe and private access to the internet.” Yet, a lawsuit filed in the U.S. District Court for the Northern District of Illinois paints a profoundly different picture—one not of protection, but of predation.

The legal complaint alleges that NordVPN and its web of associated companies, collectively operating as “Nord Security,” have systematically engaged in deceptive and illegal “automatic renewal” tactics. The company is accused of intentionally misleading consumers into believing they are signing up for a fixed-term service, only to trap them in a cycle of unwanted, recurring charges. This evil scheme is described as a deliberate architecture of deceit, engineered to exploit consumer psychology and extract revenue from unwitting customers.

Inside the Allegations: An Architecture of Deceit

The lawsuit methodically deconstructs NordVPN’s alleged “negative option scheme,” where a consumer’s failure to cancel is interpreted as consent for ongoing charges. This business model, while common, is allegedly deployed by NordVPN with a trifecta of harmful practices: misleading terms, a failure to obtain informed consent, and a cancellation process so difficult it becomes a trap. The complaint details at least four layers of deception that work in concert to saddle consumers with subscriptions they never intended to maintain.

First, the enrollment process is presented as a masterclass in misdirection. The company offers what appear to be time-limited plans, such as a two- or three-year subscription, while allegedly burying the auto-renewal terms in fine print. These “disclosures” are placed at the bottom of the payment page in a light gray font, requiring users to scroll down to see them, and are not presented in a way that clearly calls attention to the language of perpetual renewal.

Second, the company employs a highly unconventional charging practice. Instead of billing customers for a renewal after their current subscription period ends, NordVPN allegedly extracts payment up to 14 days before the term is over. This practice locks consumers into another expensive, often yearlong, subscription well before a reasonable person would expect to be charged, making it difficult for those who wished to cancel to avoid the fee.

Third, the lawsuit describes the cancellation process as a “roach motel”—easy to get into, but nearly impossible to get out of. To cancel, a customer cannot simply click a “Cancel Subscription” button. Instead, they must navigate a confusing maze within their account portal, find a “Billing” section, click a “Subscriptions” tab, locate a line item for “Auto-renewal,” and click “Manage” to finally access the option to turn it off. This convoluted, multi-step process is allegedly designed to frustrate and thwart cancellation attempts. For users of the mobile app, the complaint alleges there is no way to cancel autorenewal at all.

Fourth, NordVPN is accused of failing to provide legally adequate notice before renewing subscriptions. In one instance involving the plaintiff, the company sent an email after an unauthorized charge, admitting it had failed to provide any prior notice. In a subsequent year, the renewal “notice” email allegedly misled the customer about the exact date of the charge, with the company processing the payment a day earlier than stated.

Timeline of an Alleged Victim

The experience of the lead plaintiff, Michael Sasgen, provides a clear timeline of the alleged harm. This sequence of events forms the basis of the class-action complaint, illustrating how a single consumer was allegedly ensnared in unwanted charges over multiple years.

Date	Event
Nov. 18, 2020	Plaintiff purchases what he believes is a discrete three-year subscription to NordVPN.
Nov. 4, 2023	NordVPN charges the plaintiff for a one-year renewal, allegedly without any prior notice.
Nov. 9, 2023	The company sends an email to the plaintiff admitting he was “charged for the Nord subscription renewal without prior notice.”
Nov. 3, 2024	NordVPN sends a renewal notice email stating he will be billed on December 4th, 2024.
Dec. 10, 2024	The company again charges the plaintiff for another one-year subscription. The plaintiff claims he was charged a day earlier than the date specified in the notice.
After Dec. 10, 2024	After multiple unwanted charges, the plaintiff finally succeeds in canceling the auto-renewal.
June 20, 2025	A class-action lawsuit is filed against NordVPN, seeking to represent all similarly affected Illinois consumers.

This timeline encapsulates the core of the lawsuit: a consumer who believed his subscription had ended was repeatedly charged without proper consent or clear, timely notice, all while struggling to navigate a cancellation system designed to retain his payments.

Regulatory Loopholes: When Laws Fail to Protect

The lawsuit is grounded in the Illinois Automatic Contract Renewal Act (ARL), a law specifically designed to protect consumers from such deceptive practices. The complaint alleges that NordVPN’s conduct violates the ARL on multiple fronts. The law mandates that renewal terms and cancellation procedures be presented “clearly and conspicuously”—defined as being in larger type, a contrasting font or color, or otherwise set off from surrounding text.

NordVPN’s fine-print, light-gray disclosures allegedly fail this legal test. Furthermore, the ARL requires companies to obtain a consumer’s affirmative consent to the renewal terms before charging them. The lawsuit claims that NordVPN’s payment page during the class period contained no mechanism, such as a checkbox, for consumers to actively agree to the auto-renewal, constituting another direct violation.

This situation is a textbook example of legal minimalism, a strategy where corporations comply with the barest form of the law while violating its spirit. By burying disclosures and designing user interfaces that obscure critical information, companies can create a veneer of legality while ensuring the profitable, anti-consumer outcome remains. In a neoliberal system that prioritizes deregulation, laws like the ARL are often the only bulwark against predatory business models. The allegations suggest that NordVPN treated these consumer protection statutes not as a moral baseline, but as a set of obstacles to be cleverly navigated.

Profit-Maximization at All Costs

The intricate system of this unethical deception is a calculated business strategy driven by a single-minded pursuit of profit. The legal complaint explicitly references the industry insight that “the real money is in the inertia”—that is, profiting from customers who lose interest but find it too difficult to cancel. NordVPN’s alleged use of “dark patterns” is the practical application of this cynical principle.

“Dark patterns” are user interface designs, informed by behavioral psychology, that trick users into taking actions they did not intend, such as signing up for recurring payments or sharing more personal data. The lawsuit contends that NordVPN’s entire subscription funnel, from its confusing payment page to its “roach motel” cancellation process, is a form of dark pattern. By making it easy to subscribe and hard to leave, the company allegedly ensures a steady stream of revenue from unwanted renewals.

This profit-maximization ethos is contextualized by the company’s immense financial success. The complaint notes that Nord Security was valued at $1.6 billion in 2023 and has over 15 million users, with the majority located in the United States. The lawsuit seeks more than $5,000,000 in damages, underscoring the vast sums of money at stake—all allegedly extracted through a system that prioritized revenue growth over transparent and ethical business practices.

The Economic Fallout: A System of Small-Scale Harm

The economic damage detailed in the complaint is significant, not because of the amount taken from any single individual, but because of the sheer scale of the alleged scheme. The lead plaintiff lost $271.80 to unwanted charges. While a seemingly small amount, it represents a meaningful loss for an ordinary person. When multiplied across a potential class of thousands of consumers in Illinois alone, the financial harm becomes substantial.

The lawsuit argues that this model of inflicting small, repeated financial injuries is itself a strategic choice. The cost and complexity of challenging a multi-billion dollar corporation over a hundred-dollar charge makes it illogical for any single consumer to sue. This power imbalance ensures that, without a class-action lawsuit, the company could continue its practices with impunity.

This dynamic illustrates a core failure of corporate accountability under modern capitalism. When the harm is widely distributed in small doses, it rarely triggers the threshold for individual legal action, allowing corporations to profit from a high volume of minor transgressions. The class action, in this context, becomes one of the few tools available to aggregate these individual injuries into a collective grievance large enough to challenge corporate power and seek redress.

The PR Machine: Crafting an Image of Trust

While allegedly ensnaring consumers in a deceptive subscription web, NordVPN has invested heavily in a public image of trustworthiness and expertise. The company advertises widely online and on dozens of popular podcasts, sponsoring influencers who tout its benefits to their loyal audiences. It claims to be “trusted by tech experts and users,” creating an alarming contrast between its public-facing brand and its alleged back-end practices.

This marketing blitz serves to build a reservoir of goodwill that can obscure the negative experiences of individual customers. By positioning itself as a leader in cybersecurity and a champion of online freedom, the company creates an aura of legitimacy that makes its alleged deceptive tactics even more effective. Consumers, drawn in by the promise of security from a trusted brand, are less likely to scrutinize the fine print or anticipate a difficult cancellation process.

The corporate structure itself adds another layer to this performance of legitimacy. Press releases about $100 million investment rounds are issued under the name “Nord Security,” a brand that fosters an image of a unified, responsible global leader. This carefully crafted public relations narrative is a critical component of the business model, as it manufactures the trust necessary for consumers to let their guard down and enter their payment information.

Profiting from Complexity: A Labyrinth of Corporate Shells

One of the most revealing aspects of the lawsuit is its detailed mapping of NordVPN’s bewildering corporate structure. The services are sold to the public under a single brand, “Nord Security.” However, the complaint alleges that “Nord Security” is a fictitious entity—a brand, not a formal company. In reality, the operation is a tangled web of corporations scattered across the globe, from Panama and the Netherlands to England and Delaware.

The complaint names two Panamanian corporations as defendants: Nordvpn S.A. and Tefincom S.A. It further details a network of related non-defendant entities, including NordSec Ltd. in the U.K. and NordSec B.V. in the Netherlands, which own the intellectual property and trademarks. This opaque structure, the lawsuit argues, is designed to make it nearly impossible for an ordinary consumer to identify which entity they are actually doing business with.

This intentional complexity serves a strategic purpose in a late-stage capitalist system: the diffusion of responsibility. By operating through a maze of subsidiaries and holding companies in different jurisdictions, a corporation can obscure liability, complicate legal challenges, and shield its core leadership and assets. The complaint alleges that these entities operate as “alter egos” of one another, controlled by a unified management team, yet presented to the public and the courts as separate operations. This structure is not a bug; it is a feature designed to protect the evil corporation from accountability.

Wealth Disparity & Corporate Greed

The case against NordVPN is a brutal illustration of modern wealth disparity. On one side stands a multinational corporate apparatus valued at $1.6 billion, backed by $100 million in venture capital funding. On the other side are individual consumers, like the plaintiff who lost $271.80 to charges he never authorized.

This immense power imbalance is central to the alleged scheme’s success. The complaint explicitly states that for an individual customer, the monetary damages are so small compared to the cost of litigation that it “makes no financial sense” to challenge the company’s conduct alone. This economic reality creates a zone of impunity where corporations can allegedly extract millions of dollars through small, repeated, and unlawful charges, fully aware that most victims lack the resources to fight back.

The lawsuit frames this as a deliberate exploitation of a systemic weakness. Corporate greed, in this context, is about architecting a business model that leverages the economic vulnerability of its own customers. The company reaps significant monetary benefits from its improper conduct, while consumers are left with the frustrating choice of either accepting the loss or undertaking a costly and impractical legal battle.

Global Parallels: A Pattern of Predation

The legal action in Illinois does not exist in a vacuum. The complaint points out that the defendants have been named in similar lawsuits across the United States, including in North Carolina, California, Colorado, and New York. This suggests that the allegedly deceptive practices are not isolated to a single state but are part of a standardized, nationwide business strategy.

This pattern of litigation indicates a widespread and systemic issue with the company’s subscription model. Furthermore, the complaint notes that complaints about Nord Security are “legion,” with hundreds of consumers voicing their frustration on public forums like Trustpilot, SiteJabber, and Reddit. The company is allegedly well aware that its scheme is tricking customers and has even developed internal customer service protocols for handling complaints about unwanted subscription charges.

The existence of multiple lawsuits and widespread public outcry demonstrates that the harm is not a matter of individual customer error or misunderstanding. It points to a calculated pattern of corporate behavior that has been replicated across different jurisdictions, victimizing a broad swath of the American public. The company’s continued use of these practices, despite clear messages from its customers, is presented as an act of bad faith.

Corporate Accountability Fails the Public

The NordVPN case underscores a profound failure in corporate accountability. In a system where profit is paramount, the primary mechanisms for checking corporate power—regulation and market reputation—appear to have fallen short. The lawsuit alleges that despite ongoing consumer complaints and a high rate of credit card chargebacks, NordVPN has persisted with its unlawful subscription scheme.

This persistence suggests that the financial benefits of the alleged deception outweigh the costs of customer dissatisfaction and potential regulatory scrutiny. When fines are treated as a mere cost of doing business and reputational damage is managed through aggressive marketing, there is little incentive for a corporation to change its profitable behavior. The burden of enforcement is shifted from regulators onto the victims themselves, who must band together in a class-action lawsuit to seek justice.

This represents a breakdown in the social contract between corporations and the public. Companies that operate in the digital space are expected to be fair and transparent, particularly when handling sensitive payment information. The allegations against NordVPN suggest a betrayal of that trust, where the pursuit of revenue led to the active exploitation of the very consumers it was supposed to serve.

This Is the System Working as Intended

To view the allegations against NordVPN as a simple case of a “bad apple” is to miss the point. From the perspective of late-stage neoliberal capitalism, the company’s immoral actions are the economic system working exactly as designed. When shareholder value is the ultimate metric of success and regulatory oversight is minimal, the most rational path to profit often involves exploiting legal gray areas and human psychology.

The complaint details a business model that monetizes confusion and inertia. The use of “dark patterns,” the deliberately complex cancellation process, and the opaque corporate structure are not aberrations but are logical strategies in an economic environment that rewards growth at any cost. The law becomes not a set of ethical guidelines but a game to be won through clever design and legal maneuvering.

Every unwanted renewal, every frustrated customer who gives up on canceling, contributes directly to the bottom line. In this context, the company’s $1.6 billion valuation is not just a measure of its success in selling a product, but also a testament to its alleged success in engineering a system of profitable consumer deception. This is the predictable outcome of a system that structurally prioritizes corporate profit over public well-being.

Conclusion: The High Cost of Digital Deceit

The class-action lawsuit against NordVPN is more than a dispute over subscription fees. It is a critical examination of the ethics of digital commerce and a powerful indictment of corporate practices that have become rampant in the online economy. The case lays bare the total power imbalance between multinational corporations and individual consumers, revealing how legal and psychological tactics can be weaponized to generate enormous profits at the public’s expense.

The story told in the legal complaint is one of systematic deception, where the promise of online security was allegedly used as a lure to trap customers in a cycle of unwanted debt. It highlights the failure of existing regulations to keep pace with the sophisticated methods of digital exploitation and underscores the vital role of collective action in holding corporate power to account. Ultimately, this case serves as a crucial reminder that in the absence of robust oversight and genuine corporate accountability, the digital marketplace can easily become a frontier for predation, leaving millions of ordinary people to pay the price.

Frivolous or Serious Lawsuit?

This lawsuit appears to be a serious and substantial legal challenge. Its legitimacy is grounded in several key factors detailed within the complaint itself. First, it alleges direct violations of specific and well-defined state laws, namely the Illinois Automatic Contract Renewal Act and the Illinois Consumer Fraud and Deceptive Business Practices Act. The legal complaint meticulously breaks down how NordVPN’s evil practices fail to meet the “clear and conspicuous” disclosure requirements and other mandates of these statutes.

Second, the claims are not vague or speculative. They are supported by a detailed, factual account of the lead plaintiff’s experience, including specific dates, financial figures, and references to direct communications from the company. This provides a concrete foundation for the broader class-action allegations.

Finally, the nature of the harm—a high volume of small-dollar injuries that are impractical to litigate individually—is precisely the kind of situation for which the class-action mechanism was designed. The involvement of established class-action law firms and the demand for over $5,000,000 in damages further signal that this is a well-founded and significant legal action aimed at addressing a widespread and systemic grievance.

sasgen-v-nordvpn-sa-et-al-complaint Download

We’d previously done articles about NordVPN doing shitty billing practices, but this is a different lawsuit and I really hate this fucking company so here’s another article on NordVPN 😀

💡 Explore Corporate Misconduct by Category

Corporations harm people every day — from wage theft to pollution. Learn more by exploring key areas of injustice.

💀 Product Safety Violations — When companies risk lives for profit.
🌿 Environmental Violations — Pollution, ecological collapse, and unchecked greed.
💼 Labor Exploitation — Wage theft, worker abuse, and unsafe conditions.
🛡️ Data Breaches & Privacy Abuses — Misuse and mishandling of personal information.
💵 Financial Fraud & Corruption — Lies, scams, and executive impunity.

NOTE:

This website is facing massive amounts of headwind trying to procure the lawsuits relating to corporate misconduct. We are being pimp-slapped by a quadruple whammy:

The Trump regime's reversal of the laws & regulations meant to protect us is making it so victims are no longer filing lawsuits for shit which was previously illegal.
Donald Trump's defunding of regulatory agencies led to the frequency of enforcement actions severely decreasing. What's more, the quality of the enforcement actions has also plummeted.
The GOP's insistence on cutting the healthcare funding for millions of Americans in order to give their billionaire donors additional tax cuts has recently shut the government down. This government shut down has also impacted the aforementioned defunded agencies capabilities to crack down on evil-doers. Donald Trump has since threatened to make these agency shutdowns permanent on account of them being "democrat agencies".
My access to the LexisNexis legal research platform got revoked. This isn't related to Trump or anything, but it still hurt as I'm being forced to scrounge around public sources to find legal documents now. Sadge.

All four of these factors are severely limiting my ability to access stories of corporate misconduct.

Due to this, I have temporarily decreased the amount of articles published everyday from 5 down to 3, and I will also be publishing articles from previous years as I was fortunate enough to download a butt load of EPA documents back in 2022 and 2023 to make YouTube videos with.... This also means that you'll be seeing many more environmental violation stories going forward :3

Thank you for your attention to this matter,

Aleeia (owner and publisher of www.evilcorporations.com)

Also, can we talk about how ICE has a $170 billion annual budget, while the EPA-- which protects the air we breathe and water we drink-- barely clocks $4 billion? Just something to think about....