How to choose a VPN that actually protects your privacy

iVPNThe following post is from iVPN’s head of business development Christopher Reynolds. IVPN is a Virtual Private Network (VPN) provider and Electronic Frontier Foundation (EFF) member that’s dedicated to protecting user privacy. 

Make no mistake: we’re in the midst of an upheaval when it comes to online surveillance laws. From the US to Australia, western governments have found themselves desperately trying to introduce legislation that would have dire consequences for Internet freedoms and online privacy if enacted. Such legislation will likely see increases in the use of Virtual Private Networks (VPNs). A VPN secures your computer’s Internet connection so that all of the data you’re sending and receiving is encrypted and never logged, therefore protecting you from snooping.

However, while many VPNs take privacy seriously, many others in operation today offer no more protection than a regular Internet Service Provider (ISP). In fact, they might be handing your data over to law enforcement. Read on to learn how to pick a VPN that really secures your privacy.

The growing threat of government surveillance

Surveillance laws need updating. The channels of our everyday communication have changed dramatically over the past few years and it’s only right that governments respond to this shift. But as we’ve seen recently with CISPA in the US, the CCDP in the UK, and the current surveillance proposals in Australia, western law enforcement agencies are using this opportunity to exploit the situation and call for unprecedented powers of surveillance.

All of these new bills have one thing in common: they aim to make it easier for law enforcement to monitor everyday Internet activities, such as web browsing and emailing. In European countries, these efforts are being facilitated by the EU-wide Data Retention Directive, which mandates that all EU-based ISPs must retain a customer’s data for between 1 and 2 years after they leave the service. Such a law does not exist in the US (well, not yet anyway), so law enforcement wants to make it easier for internet services, such as Facebook and Skype, to do the spying for them. It’s also worth noting that just because the US doesn’t have a data retention law doesn’t mean ISPs cannot, and are not, retaining data.what-is-vpntunnel

Not all VPNs are born equal

As research conducted last year in Sweden suggests, the more surveillance fears increase, the more Internet users gravitate toward using VPNs. We can therefore expect VPNs to become more mainstream over the next few years, as surveillance issues gain traction and media attention. However, this will also lead to many companies taking advantage of the situation and offering VPN services that are not privacy-oriented and will not protect Internet users from the overbearing surveillance they are trying to escape.

This is not news. In fact, one of the most popular VPNs on the market, HideMyAss.com, has proven itself to offer no protection from government surveillance. Back in 2011, HideMyAss was forced to hand over data logs belonging to a member of hacker group Lulzsec to the US authorities. There is no point, at least from a privacy perspective, of using a VPN if it’s retaining data. If you retain data, then you’re compelled by law to hand it over when requested. The way VPNs get around this rule is by wiping logs as soon as they’re created.

Questions to ask when choosing a VPN

HideMyAss is not alone. A number of popular VPN services keep data logs (around six last time we checked) and new services are springing up all the time. If you decide to use a VPN for privacy reasons, then these are the key questions you need to ask:

1. What is the company’s data retention policy? – If the small print says they keep logs of their users’ information, then stay away. But many companies aren’t forthcoming about this information. If you can’t find an answer, contact the VPN and ask them. Do not sign up unless they reply that they don’t keep logs.

2. Where is the company based and what will it do with your data? – It’s always worth checking what the laws are regarding data retention and surveillance within the country where your VPN is headquartered. Law enforcement could still seize servers located in different countries, but as long as the VPN is not logging traffic, a users’ identity wouldn’t be compromised.

Image: EFF.org.

Image: EFF.org.

There is no easy answer to which country is the best host for a VPN. The US grabs a lot of headlines due to controversies like the NSA’s warrantless wiretapping, but it currently has no data retention laws in place (unlike the EU), and law enforcement agencies still need judicial oversight to access your data. This can’t be said for many European countries such as the UK, which for many years has seen widespread warrantless data monitoring via the Regulation of Investigatory Powers Act. Countries like Sweden are often thought of as good choices, but they also suffer from harsh surveillance laws. Even Switzerland’s government, which is not compelled by the EU to retain data, still does so and permits its law enforcement to install trojans and malware on citizens’ private computers.

Generally speaking, governments that have a shown an interest in protecting the online privacy of their citizens include Germany, Poland, and Romania. But even Germany, which has been incredibly good at resisting the EU’s Data Retention Directive, has one of the strongest copyright lobbies in the world and vigorously pursues offenders. Some people may find countries such as Russia or Panama more appealing, but these places struggle with more prevalent police corruption, potentially leaving VPNs open to more abuse from law enforcement.

Remember, many VPNs retain data willingly, as they may have little motivation to defend their subscribers. Therefore, while it’s worth looking into the relevant legislation of a VPN’s host country, by far the best measure you can take is signing-up to a VPN that is privacy-oriented and clearly states it will protect its users’ data. If a VPN is not logging data, then the only way law enforcement can link users to data is by serving a subpoena through the proper legal channels, issuing a gag order, and then forcing a VPN to start logging data. We cannot speak for other VPNs, but iVPN would shut down its servers before cooperating with this request.

what-is-multihop

3. What will the company do if laws change? – We’re in the middle great changes when it comes to surveillance laws. If a country introduces new data retention laws, then a VPN will have to comply. Any privacy service worth its salt should be ready and willing to re-locate if needed.

If you follow the three points above, then you should be confident that the VPN you choose is respecting your privacy. Some people may insist on anonymous billing methods, such as Bitcoin, but such forms of payment create their own problems. Merely proving that you use a VPN cannot be used as a basis to suspect you of wrongdoing.

Government surveillance laws are changing rapidly, so if you’re concerned about this issue, one of best things to do is stay informed and get involved. A good place to start is the Electronic Frontier Foundation’s website, which can be found here.




6 comments shared on this article:

  • donotreadeffsomuch says:

    Interresting article but … it is NOT a question of law(s) so the points 2° and 3° are wrong. About the policy, i agree with you (point 1°).

    In fact, a company obeys to differents factors, ” masters “, sometimes with good will, sometimes to not be in trouble with. Be involved with Electronic Frontier Foundation is bringing a support to another company. So, one is supported from data money stealing and the other is supported from data money dealing.

    Is money the data or the freedom ?
    The both company never will pay me for my help with or without my agreement.
    So,they are living with a very high standing because i am their hostage ; it is a soft terrorism well known since a long, long time. And if i say no ? oh, the horror will come quickly and the same problem will be in the hand of two others anonym company justice/weapon etc.

    These concepts and analyses (eff’site) are coming from us/alcoohol/marijuana brain in a walt-disney world full of melting-pot – where all is mixed for one interest [ never mine ! ] following the orders of another guru. Oh, but mickey is a tough guy and minnie can give you 132 years in a jail [never mind ! i am a patriot good cityzen ] even if you are the best person on earth.

    The real problem is : how much money is given to a ISP – goverment investisment – to manage vpn so your data-freedom. It is fun – wall disney world is always an happy world for every one – you pay taxes twices for one phone !

    I understand better now why so much people are gays or lesbians or gangsters/maffia : it is the economic rules of usa that you want learn us with or without our agreement …

  • VPN Faster says:

    Thank you for the article. All the information is very critical for selecting the best vpn service that takes our privacy seriously.

    I used many VPNs before and today I find boxpn very reliable. You can reach from this link : https://www.boxpn.com

    They have NO LOG policy and their company is based in Turkey so they don’t keep any logs and we are not effected with any US or UK laws.

    I personally asked what they would do if the law changes in Turkey, they said their mother company is based in off-shore location which is good.

    Hope this also helps.

  • kazuo akutsu says:

    western countries work with each other. if one cop from one western country requests names, ip addresses, and physical addresses, the cop from another western country will give it up. this includes the whole eu, canada, australia, new zealand, usa.

  • nada says:

    to unblock sites and programs in saudi such as chat sites and viber you must use vpn service, but many of this services are full of viruses and do not preserve your privacy , wasel pro is the best vpn with it you can open all blocked sites and protect you computer from hack programs ,it was working on all android phones , iPhone and iPad ,compatible with windows and Mac systems

    https://www.waselpro.com/en/

  • vpn reviews says:

    thanks lot for this article as all we know choosing the right VPN service is very important chose. because with the right VPN you can save money and time.

  • check this says:

    I used to be very pleased to search out this web-site.I needed to thanks in your time for this glorious read!! I definitely having fun with every little bit of it and I’ve you bookmarked to take a look at new stuff you weblog post.

Leave a Reply

Your email address will not be published.

Comment

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>