VPNs Are No Privacy Panacea, And Finding An Ethical Operator Is A Comical Shitshow
from the ain't-no-magic-bullet dept
Given the seemingly endless privacy scandals that now engulf the tech and telecom sectors on a near-daily basis, many consumers have flocked to virtual private networks (VPN) to protect and encrypt their data. One study found that VPN use quadrupled between 2016 and 2018 as consumers rushed to protect data in the wake of scandals, breaches, and hacks that historically, neither industry nor government seem particularly interested in seriously addressing.
Usually, consumers are flocking to VPNs under the mistaken belief that such tools are a near-mystical panacea, acting as a sort of bullet-proof shield that protects them from any potential privacy violations on the internet. Not only is that not true (ISPs, for example, have a universe of ways to track you anyway), many VPN providers are even less ethical than privacy-scandal-plagued companies or ISPs they’re trying to flee from:
I don't use a VPN because I'd rather Comcast aggregate my data than some dude wearing a dolphin onesie in his basement in Zurich.
— SwiftOnSecurity (@SwiftOnSecurity) April 18, 2017
Case in point: Will Oremus wrote a really wonderful piece for Slate about trying to find a respected VPN and discovered that the market is, for lack of a more technical term, a complete and total shitshow:
“The search for a VPN I could rely on led me on a convoluted journey through accusations and counteraccusations, companies with shadowy leadership and those with conflicts of interest, and VPN ratings sites that might be even shadier than the companies they?re reviewing. Many VPNs appear to be outright scams. Others make internet browsing sluggish. Free versions bombard you with ads. It?s a world so thicketed that the leading firms and experts can?t agree on the basic criteria for what counts as ?reputable,? let alone which companies best meet that description.”
The article does provide some very useful tips for finding a decent VPN, and is well worth a read. That said, it also makes it abundantly clear that VPN review sites are often inconsistent, downright terrible, or financially conflicted. And even many well-reviewed VPN operators can raise flags if they try to hide the identity of who actually owns them:
“ExpressVPN, for its part, nearly won the coveted recommendation of Wirecutter in its extensive, highly detailed VPN review. There are hints throughout Wirecutter?s report that ExpressVPN would have taken the top spot if not for one pesky concern: its refusal to publicly disclose who owns it. Wirecutter editor Mark Smirniotis notes near the end of his review that ExpressVPN offered to arrange a confidential call with its owners, but he decided that wouldn?t be enough to change his recommendation and declined.”
The terribleness of the VPN sector is decidedly ironic, given that giant broadband providers, who routinely hoover up your data in an ocean of creative and non-transparent ways, have long tried to claim that the United States doesn’t need meaningful privacy guidelines because users can always use a VPN. That was one of the cornerstones of the telecom lobby logic as the successfully convinced Congress to eliminate modest FCC privacy rules in 2017 that could have prevented many of the location data scandals currently plaguing the sector.
But if it’s not clear yet, a VPN is not a magic bullet to the problems that are plaguing the modern internet. Users are running from one platform to the next, dribbling their private data in a long trail behind them thanks to shoddy and nonexistent standards. Meanwhile a lack of competition leaves them stuck on the network of giant ISPs that not only refuse to respect their privacy, but routinely lobby against any and every legislative solution, no matter how well crafted. Several ISPs have then tried to charge users a surcharge to opt out of data collection and monetization, effectively making privacy a luxury option.
Something has to break in this broken and idiotic equation, and “just go use a VPN” is not an adequate answer to the problem.