Privacy companies based outside the US can still have VPN servers within the US. That traffic would still look domestic. The company being owned and headquartered outside the US just gives them a bit more protection against the rogue US government. Some VPNs also allow multi-hop, so that you can connect to one VPN server via another. That could make it harder for the spooks to see that your traffic is leaving the US. Of course it also means that they might suspect any traffic coming out of a VPN server even based in the US, which is basically the point of this article. And some VPNs allow you to enable a feature that protects against AI-driven data traffic analysis. So that someone who's really committed can't just monitor the size and frequency of your outgoing encrypted packets, then find matching patterns in packets leaving the server you're connected to, tracing it to the destination. Instead, the VPN adds noise and sends uniform packets so that AI can't trace it from source to destination. I don't know if Nord offers these features, cause I don't use Nord. But I've heard some issues about them, which other user's have already mentioned and offered alternatives for, so I'll leave it at that