A virtual private network — better known as a VPN — is a key way to help protect your privacy when online, especially when you’re logging on from public spaces such as a hotel lobby, coffee shop, library, or airport. Online privacy, though, isn’t absolute, even with a VPN. That’s because your VPN provider will know your IP address and what sites you visit. The key, then, is to work with a VPN that you trust. You want a VPN that doesn’t track your data when you’re online. If your provider doesn’t log your keystrokes, it also won’t provide your information to other agencies or businesses.
VPNs are in high demand as people around the world scramble to keep access to TikTok and BGMI amid a looming government ban. There are dozens of free VPNs out there that promise to protect your privacy by keeping you anonymous on the internet and hiding your browsing history. Don’t believe it. Free VPNs are bad for you. The internet is a hostile place for the privacy-minded. Internet providers can sell your browsing history, governments can spy on you and tech titans collect huge amounts of data to track you across the web. Many have turned to VPNs, or virtual private networks, thinking that they can protect you from snoopers and spies.
VPNs are legal in almost every country, depending on what you’re doing. However, their usage is currently in a legally grey area in some countries like Iran and UAE, where they are heavily regulated by the government. Similarly, Russia and China have banned unapproved VPNs to prevent access to the content they deem “unlawful.”
Certain activities that you can engage in using it can be illegal. This includes torrenting copyrighted material, for example. Also, many online services block VPNs. That doesn’t make it a crime to use them, but it may go against the ToS you agreed to when you signed up.
But where VPNs try to solve a problem, they can also expose you to far greater privacy risks. VPNs were first designed for employees to virtually connect to their office network from home or while on a business trip. These days, VPNs are more widely used for hiding your online internet traffic and tricking streaming services into thinking you’re in another country when you’re not. That same technique also helps activists and dissidents bypass censorship systems in their own countries.
Certain free VPNs can even infect you with malware, and others track your online activity to sell it to the highest bidder for malvertising purposes. Also, many have security flaws and can’t even keep your personal data private. Choosing the right one can be tricky, especially when you don’t know whose claims are trustworthy.
VPNs work by funneling all of your internet traffic through an encrypted pipe to the VPN server, making it more difficult for anyone on the internet to see which sites you are visiting or which apps you are using. But VPNs don’t inherently protect your privacy or give you anonymity. VPNs simply divert all of your internet traffic from going to your internet provider’s systems into the VPN provider’s systems instead.
That begs the question: Why should you trust a VPN that promises to protect your privacy more than your internet provider? The answer is that you can’t, and you shouldn’t. By far, some of the worst offenders are free VPNs.
As the old adage goes, if it’s free then you are the product. What that means is that they make money off you — specifically, your data. Like any service that costs nothing, VPNs are often supported by ads. That means taking your internet traffic and selling it to the highest bidder to serve you targeted ads while you’re connected to the VPN. Other free VPNs have been accused of injecting ads into the websites that you visit.
While there are paid and premium VPNs that are generally more mindful of your privacy, they aren’t anonymous, as they can be linked to your billing address. Paid VPNs also don’t solve the problem of funneling all of your internet traffic to a potentially untrustworthy company. Some VPN providers also claim to protect your privacy by not storing any logs or tracking which websites you visit or when. While that may be true in some cases, there’s no way you can be completely sure. In fact, some VPN providers have claimed they don’t store any logs — but were proven completely false. Take UFO VPN, which at the time had about 20 million users. It claimed to have a zero-logging policy. But security researchers found the company’s logging database exposed to the internet, and no password was needed. The database was packed with logs of user activity, including which websites users were visiting.
Former NYPD director of cyber intelligence and investigations Nick Selby, now the chief security officer at fintech company Paxos, said he only uses VPN providers that he knows do not store any logs. During his time as a police officer, he would serve search warrants and know which providers were “the best at giving me nothing,”
It’s not to say that all VPNs are unscrupulous or invading your privacy. Much of the problem with VPNs is that you can’t look under the hood and see what’s going on with your data. Standalone VPNs, like Algo and WireGuard, let you create and control your own VPN server through a cloud service, like Amazon Web Services, Microsoft Azure, Google Cloud, or Digital Ocean. But remember: your encrypted data is stored on another company’s cloud, making it potentially susceptible to being grabbed by the authorities. VPNs can be useful, but it’s important to know their limitations. Just don’t rely on them to protect your privacy or your anonymity.
If you’re using a VPN for security, then turning to an unknown service provider with no transparency policy as a purportedly more secure alternative to your usual ISP is a poor move. Remember that you’re effectively choosing a different company that’ll be able to see all your activities instead of whoever supplies your broadband.
Even if you just want to switch regions for a quick look at what US Netflix viewers get to see, it’s important to think first about exactly what other data about you, your phone, and your activities you might be giving to whom. While the gold standard for privacy is a correctly configured VPN endpoint that you control, that’s not practical for everyone, and non-exploitative commercial VPN services even free ones do exist.
The guidelines for better Privacy management and administration are straightforward once you understand them. Once they become ingrained in your behavior, they will aid in defending you from frequent scam tactics. Get in touch with us at firstname.lastname@example.org If you want to run an audit of your consent practices, check out our Regulatory Compliance Service, and Schedule a call with our experts by clicking here.