How VPNs May Undermine, Rather Than Protect, Your Data Privacy
Photo by Chris Yang on Unsplash.
If you’re concerned about your internet provider taking a peek at your browsing history, you might be tempted to consider using a Virtual Private Network (VPN) to hide your activity. While this may seem like an easy way to protect your privacy, the truth is that researchers are increasingly coming to believe that these networks aren’t always secure.
In early 2017, the US government repealed rules that would have left internet service providers unable to track your activity online. Companies such as AT&T and Comcast as well as others can now keep track of your online activity and sell that data to interested parties. Regulation is still in place to moderate what they can and can’t track and sell, and most providers may claim they don’t sell browsing history, but this is hardly reassuring.
Prior to the regulatory rollback, only a few companies (such as Facebook and Google) would collect your search data. But now that ISPs can access everything you do through the IoT, the level of privacy invasion has reached a staggering new high. You don’t need to look any further than the recent Telnet leak of over 500,000 passwords of IoT devices, routers, and servers to understand this.
This invasion of privacy, alongside the growing angst towards data collection activities of tech giants, has led many to seek safety in the world of VPNs.
What is a VPN?
Put simply, a VPN hides your search activity from your provider and (supposedly) from the VPN provider as well. So, if you were to click on Instagram, your provider would simply see an encrypted request sent to a VPN.
Then, on the VPN side of things, the encrypted request would be received and you’d be sent on your merry way to Instagram. In this ideal world, neither party would know a thing, and you’d be free to search as you pleased.
There are many reasons why VPNs are tempting to consumers around the world in an era when we highly value online privacy. VPNs can hide your location, avoid government censorship, and access specific work networks. But most allow one to avoid being “spied on.”
Demand for VPNs is only increasing. One company, TunnelBear, saw demand for its VPN service increase by roughly 200 percent following the aforementioned US rollbacks, and the VPN market is expected to reach $50.153 billion by 2024.
The Risks of Using a VPN
While VPNs might seem like the logical solution, with a paltry cost of a few dollars a month and a promise never to share your activity, the reality is very few of these services actually keep their word. In fact, if you fail to pick the right VPN provider, the privacy cure you’ve been looking for might be worse than your ISP in the first place. With millions of people downloading VPNs to protect themselves, this is something to take seriously.
In the first academic review of the VPN market, researchers around the world examined and tested almost 300 VPN apps. The results were frightening. Almost 50% of VPN apps inserted malvertising and other malware onto the user’s device. And almost 20% failed to encrypt their user’s activity.
To make matters worse, for some users at least, many VPNs can’t reliably unblock Netflix and others will slow down your internet speeds solely to encourage you to buy a faster plan. Perhaps most disturbingly of all, one provider (VPN Hola), even sold its users’ bandwidth for profit. This is a practice they openly admitted on their website.
This isn’t to say that the VPN industry is as unsettling as those statistics would lead you to believe. Some companies, such as NordVPN or ExpressVPN, have well-earned reputations of strong customer service, delivering on their promises, and keeping their users hidden and happy. What these statistics do mean, however, is that great caution must be taken before you start using any VPN.
Many “free” VPN services will consist of extremely brief free trial periods followed by a typical subscription, slow down your internet speeds, or have very limited data usage. The worst free VPN services will even contain malware.
By and large, these kinds of free VPN services should be avoided in favor of a professional and paid service. After all, if you’re not paying for your VPN, how exactly is the provider making money off you? If the answer isn’t immediately obvious, it probably isn’t what you want it to be.
How To Pick a Safe VPN
How much you care about this might be tempered by how private and secure you need your browsing history and data to be. If you’re accessing the internet from home, these risks might not bother you. But if you’re an established business looking to send confidential data and invoices, sensitive business text messages to colleagues, or access important accounts, getting adequate protection might be more important than you realize.
Perhaps the best and safest solution to keeping internet activity safe, while avoiding the risks of VPN providers altogether, is to build your own VPN and browse the internet using a service like Tor. On the browser side, you’ll avoid any and all tracking, censorship, and surveillance.
On the VPN side, you’ll be able to customize exactly what it does to your heart’s content. There are useful guides on exactly how to do this, but it’s unlikely to become a common choice. Most people (and businesses) don’t need extreme levels of customization for their VPN; they just need reliable privacy.
Unless you’re involved in hardcore programming, accessing banned cryptocurrency, or overcoming a country’s censorship, a far easier way to ensure your security is to take the time to research which VPNs are legitimate. In order to do this, you’ll need to find a thorough compilation of VPNs for both paid and free plans.
You’re also going to want to read through the terms of conditions of each service and make sure you clear on exactly how they’re making money. If it’s from a subscription in return for a reputable service, it’s probably a safe VPN provider.
If you do the research, there are plenty of providers that offer a reputable, secure, and private service.
Gary Stevens is a front-end developer and copywriter who specializes in writing about cybersecurity, blockchain, and tech trends.