Every time we go online we leave a digital footprint and bits of private information we entrust to search engines, banks, social networks or even the host of our personal blog.
What goes on Internet, stays on Internet.
Though somewhat trite, the saying is as true for goofy Facebook photos and as it is your financial or medical information. Because we’ve “imported” so many aspects of our lives to the web, personal information is transferred, copied, aggregated, and stored constantly.
(Hopefully) even the most naive web users have learned or heard of the not-so-pleasant side effects of living an increasingly digital life: businesses doing data collection, security breaches, or ubiquitous ads that find you across the web. It’s no wonder that privacy has become one of the major concerns among Internet users in the US.
In this article, we’ll discuss how a technology called VPN (Virtual Private Network) can help you maintain control of your privacy online and why it’s fast becoming a necessity.
Taking the Offensive on Privacy Starts with Internet Service Providers
The grim truth is that there is a range of parties who go to great lengths to obtain some of your information. From brands to telecom companies, everyone wants your data—including Internet service providers (ISPs).
In recent and extremely disturbing news, telecom giants have been granted an opportunity to skyrocket their revenues, when President Trump signed a law repealing Federal Communications Commission’s (FCC) privacy rules that were supposed to be enacted in 2017. These rules were designed in 2016 to prevent ISPs from collecting and sharing consumers’ information without their explicit (opt-in) consent. In a nutshell, subscribers were supposed to decide whether they would allow ISPs to collect information on sensitive things like:
- browsing history
- app usage history
The controversy was fueled by alleged “inequality” of how the FCC treated ISPs in comparison to major players in advertising like Google and Facebook. This is hardly a valid argument, though. With Facebook and Google, users may voluntarily choose to use these services and are informed about their data usage, while ISPs—which are obligatory services for anyone wanting to connect to the web—are now granted an opportunity to collect browsing history without having to ask permission from the customer.
Of course, the ISPs have all made announcements that they won’t sell users’ “personal browsing history” but rather aggregated non-personally identifiable information. However, in 2017, this isn’t a big relief—once this information is purchased by a certain advertiser and mapped to their first-party data (customers email, address) within a Data Management Platform, it’s only a matter of days before an advertiser obtains a personalized profile of a customer.
In a way, ISPs are making their customers a resource that can be sold to generate yet another revenue stream. Unfortunately, these aren’t the only possible consequences.
Can a VPN Remedy the Threat from Megacorps Snooping Through Your Devices?
This is not the first time when lobbyists have succeeded with pushing their agenda into the law, so it’s now up to users to find a way to deal with the situation. While privacy advocates are planning their next steps, customers should consider the existing solutions.
A Virtual Private Network (VPN) is one of the options.
Basically, a VPN app encrypts all of your traffic once you’re connected to the remote VPN server. All of your data is transmitted through an encrypted “tunnel” which incapacitates ISPs tracking, and connects you to a remote VPN server. A VPN server in its turn connects you to the website you want to visit. Therefore, all the data you send back and forth to the websites you visit is unreadable by third parties, be they ISPs, hackers etc.
It is important to note that your ISP may still see your IP address, but since you are connecting to a private VPN server, and only then going online, these connection logs are the totality of information that ISPs can count on.
The connections through VPNS are encrypted using several encryption algorithms, depending on the vendor’s choice. AES-256 (Advanced Encryption Standard with 256 bit key length ) is used by paid VPNs and provides solid protection from traffic decryption. It is rumored to be the VPN adopted by the U.S. government and agencies, which led paid VPN app makers to advertise their services’ as providing “military grade” encryption.
Other algorithms like RSA-128 are also secure enough and have no serious vulnerabilities, given that they’re properly “tuned”.
VPN apps support different connectivity protocols. Some of the most popular and reliable are:
- OpenVPN: It has been praised for it’s flexibility in conjunction with a wide array of encryption algorithms, from RSA-128 to robust AES-256 based technology.
- IKEv2: This one is new and impressively secure and balanced. It also grants users higher connectivity speed.
Personally, I purchased a VPN app that allows switching between these two protocols, which is convenient depending on the research or test I’m doing.
More detailed overview including other protocols is available here.
Choosing a VPN—A Task That Shouldn’t Be Taken Lightly
Now that you understand the basic purpose of a VPN, it’s time to dive into the details of selecting a reliable app. It’s almost like buying a new car—there are plenty of parameters that have to be taken into consideration. It’s your privacy and peace of mind at stake, after all.
First and foremost—don’t go for free stuff.
It’s simple. Using a free VPN is just another way of getting into the situation you’re trying to avoid with the ISPs. Free services have expenses, and they may fund themselves by showing you some extra ads or by collecting your data to resell it to marketers. Some of the more hideous monetizations that have been uncovered, include Hola VPN, which sells their users’ bandwidth to anyone who’s paying through their other service, Luminati.
One more thing that’s equally true both for free and paid VPNs: they don’t make you completely anonymous. Yes, some of the paid VPNs put these words in their ads, but in reality this is one big fat lie. Anonymity and enhanced privacy aren’t synonyms and can’t be used interchangeably. There are still plenty of other ways to identify you online and well, you use your email to login into VPN app from your PC or phone. Moreover, VPNs know the IP that you’re connecting from.
This brings us to other red flag to watch out for: many VPNs position themselves as no-logging services that don’t store any info about the sessions or traffic.
But this claim should be taken with a grain of salt. To say the least, it’s impossible to run a business like this without keeping an eye on stability of infrastructure and without logging certain performance parameters. VPNs wouldn’t be able to provide you with a stable encrypted connection without such data. Furthermore, VPNs based in some countries store logs for some period because they are obligated by law to do so.
So, be realistic. Stick to VPN providers that avoid false claims and that list details about their service. Here are a few more questions to consider when choosing a VPN:
- Does the VPN provider own or rent their servers? In case of latter, it may be not so private since the data center renting out the servers may have control over the servers. A third party may also log some connections data in order to maintain the hardware. Data centers and hosting companies are also required to prevent abuse of their infrastructure, so they’ll be keeping an eye on everything that goes on there. Mind that a reliable provider should have an extended network of their own servers
- Where in the VPN provider is based? As mentioned before, some countries require VPNs to keep logs (like IPs). Most VPN providers mention this information on their websites.
- Where are the servers? Mind that a reliable provider should have an extended network of their own servers. But where the servers are matters as well. Connection speed will be slowed if scattered to distant server locations. No connectivity protocol can make up for that.
- What are others saying about the VPN provider? Don’t just research feedback from fellow users. See if tech experts or authoritative/specialized websites offer some insights on the provider.
- Are there extra features? You already know about key factors like encryption and connectivity protocols, but there is more to consider when making a decision. Does the provider support mobile devices? Is it optimized to work with streaming sites? Does the provider offer a kill switch feature (termination of regular Internet connection if VPN connection interrupted, so your real IP or any other info is exposed when outside of encrypted tunnel.) Such features can make your Internet experience ideal for your needs.
- Does the provider offer support and clear guidelines on setting up and configuring the product?
It may seem like a lot of work, but with some time and effort you’ll be able to enjoy reliable and transparent service. If all this seems overwhelming, check whether the antivirus you’re using provides VPN services as well. Be sure to find out whether or not they use third-party VPN provider’s services or offer their proprietary in-house solution. Here’s a list of top VPN services according to Techradar, the largest UK-based consumer technology news site.
Do you use a VPN? What is your experience?