Early this year, the U.S. Congress rolled back Internet privacy rules, giving service providers free reign to track, store and sell browsing data. In July, the U.S. Department of Justice (DoJ) issued a warrant to DreamHost, asking for a list of everyone who visited DisruptJ20.org — a site used to plan protests at President Trump’s inauguration. Both events raise important questions about online privacy, and many consumers are turning to Virtual Private Networks (VPN).
More private than private browsing
Firefox private browsing with tracking protection is great at protecting you from invasive trackers and keeping your browser history secret, but when you surf the web, you leave footprints that Firefox can’t erase — your IP address is logged at the sites you visit and your ISP may keep records. That usually isn’t an issue, but the sites you visit could expose you to unwanted attention from government agencies or even hackers. A VPN can hide those footprints from prying eyes and add an extra layer of security against hackers.
What is a VPN?
A VPN is a secure connection between your computer and a server. All your Internet traffic and browsing data goes through that remote server. To the outside world, the anonymous server is doing the browsing, not you. ISPs, government agencies, hackers or anyone else can’t track your activity online.
How does a VPN work?
When you connect to a VPN, you create a secure, encrypted tunnel between your computer and the VPN remote server. The data is essentially gibberish to anyone who intercepts it. Your ISP, government or hackers won’t know which websites you visit. And conversely, the websites you visit won’t know where you are. Typically, logging in to a VPN is as easy as entering a password and clicking a button on a VPN client or a web browser extension.
Are VPNs truly private?
Unfortunately, no. The VPN provider can still log your browsing data. You are essentially putting your trust in your VPN provider. Will your provider hand over info when pressed? Will they log your browser data and sell it at a later date?
ManyVPN providers are trustworthy and vow to keep customer info private, but some are downright nefarious. Researchers recently tested 300 free VPN apps on Google Play and found that nearly 40 percent installed malware or malvertising on users’ machines. (NPR has a brilliant article about VPNs and privacy here.) The lesson? Pick a VPN provider you can really trust.
Also realize that there are things beyond your VPN provider’s control. If you live under a repressive regime a VPN might not let you tunnel under restrictions to access blocked sites.
How do you pick a VPN provider?
It may be tempting to turn to a free VPN provider, but many simply don’t deliver a great experience. Some sell your data (anonymized) to advertisers in order to survive. Other VPN services run ads. Some may be free and secure, but are painfully slow.
It can also be tricky to pick a good paid VPN service. For example, a provider may offer secure connections and ultimate privacy, but a limited number of server locations. Your browsing data may not be as anonymized as you’d like.
Here are some questions you should ask when considering a VPN provider:
- What kind of data, if any, does the VPN provider collect about your browsing?
- How long does it keep this data?
- Are there any restrictions?
- Where are the VPN servers?
- How do you pay for the VPN service?
That last question can be really tricky. If you pay for the VPN service with credit card or PayPal, how private will it be? If you’re after ultimate privacy and security, look for a service that accepts payment from anonymous services like Bitcoin.
VPNs are surging in popularity, thanks to recent rollbacks in Internet privacy rules and government sleuthing. But they may not be as safe as they claim. Do your research, ask the right questions, and make sure you find a service provider that delivers on their promise.