Verizon Launched A VPN Without Bothering To Write A Real Privacy Policy
from the whoops-a-daisy dept
As we’ve noted for a while, a VPN isn’t some kind of magic bullet. While it might help you hide some of your online activity from snoopy governments, nosy ISPs, or a packet sniffing dudebro at the coffee shop, it’s not some mystical panacea. Unfortunately, in the wake of seemingly endless privacy scandals and a federal apathy to any meaningful privacy rules of the road, many people have been flocking to VPNs without understanding that many VPNs are scams, poorly configured (making you less secure, not more), and that promises made about data retention are often hollow.
Ironically, many of the companies most responsible for our privacy problems have now jumped into the VPN business to capitalize on consumer worries they themselves helped create. Like Facebook, which, in the shadow of the Cambridge Analytica scandal, thought it might be a good idea to launch a VPN that pretends to protect consumers from online harm, but actually exists solely to track your behavior online when you’re not visiting Facebook.
Verizon, fresh off of its successful efforts to kill net neutrality and FCC broadband privacy protections, also recently launched a new VPN service dubbed Safe WiFi. Safe WiFi, you’ll be happy to learn, “protects your privacy and blocks ad-tracking.” But when I began digging into Verizon’s VPN for Motherboard, I found that the company had rushed the service to market so quickly, it failed to even write an actual privacy policy for the service. Instead, the company informed me it had simply copied a placeholder privacy policy lifted from McAfee, the company that actually built its VPN. According to this privacy policy, Verizon’s VPN collects, well, pretty much everything:
“Details about your computers, devices, applications, and networks, including internet protocol (IP) address, cookie identifiers, mobile carrier, Bluetooth device IDs, mobile device ID, mobile advertising identifiers, MAC address, IMEI, Advertiser IDs, and other device identifiers that are automatically assigned to your computer or device when you access the Internet, browser type and language, language preferences, battery level, on/off status, geo-location information, hardware type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, the amount of time you spend on each page, information about the links you click and pages you view within the Services, and other actions taken through use of the Services such as preferences.”
When I pressed Verizon on how it could sell a “privacy and security” product that actively makes its users less private and secure, the company acknowledged that employees had simply copied the McAfee privacy policy and didn’t bother to write one of its own for the product, something the company wasn’t aware of until I brought it to their attention. That means that when you use Verizon’s VPN, you have zero real assurance that they won’t collect your data. Verizon, for its part, was quick to inform me that once it finishes actually writing a privacy policy, it will assure users that no private data is collected:
“We’re working with McAfee to post their privacy policy specific to Safe WiFi and will send you a link as soon as it posts,? Verizon said, acknowledging that it wasn’t aware of the problem until Motherboard ?alerted us to this discrepancy.” Whenever the actual privacy policy is posted, it will ?reflect that fact that neither Verizon nor McAfee collects any personal data regarding users or use of the Safe WiFi VPN,? the company promises.”
In the interim, you just apparently have to trust Verizon that it’s not using the VPN to snoop on you. A sizable ask since, you’ll recall, Verizon was busted in 2016 modifying wireless packets to track users around the internet without providing opt out tools or even informing anybody. The same company that just got done gutting FCC broadband privacy protections and is part of an industry that’s the poster child for nontransparent and anti-consumer privacy practices.
There’s a certain irony in Verizon trying to cash in on privacy worries it itself caused by rushing a VPN product to market so quickly — it couldn’t be bothered to include a real privacy policy for it. There might be a lesson in there somewhere. Meanwhile, if you do need a VPN, you’re probably better off picking one of numerous options that don’t have a several-decade history actively trying to undermine consumer privacy and real privacy guidelines.
Comments on “Verizon Launched A VPN Without Bothering To Write A Real Privacy Policy”
If you are going to use a Verizon VPN then you might as well as make your whole traffic visible to anyone. It’s probably safer and more private.
Re: Re:
I can see the techdirt article a year from now:
Re: Re:
I can’t blame Verizon for wanting to get in on the VPN scam.
Call me crazy, but I would trust the corporate stooges at Verizon, privacy policy or not, than I would a company called “Private Internet Access” or “Hide My Ass”
Re: Re: Re:
Spoken like a true Verizon Exec! BTW, I’m shitcanning Verizon after my contract is up.
Just never buy anything "privacy" from a major ISP/Telco
I would never get any ISP or telco with a "security" software or hardware and actually think they would do anything but immediately turn around and monetize my data.
Verizon has plans to make money by the truckloads off of this. More than their monthly fee would get them. Otherwise, they would not offer it. So expect them to sell every single piece of data they can. They may make handwaves at making the data anonymous. But that will be it. They will still use you to sell advertisements. Especially if their VPN blocks all advertisements except for the ones they sell.
Re: Just never buy anything "privacy" from a major ISP/Telco
I doubt if your connected to them, you’ll have the option of “buying” anything else.
This problem only gets fixed at OSI layer 4 or below. Even fancy overlay networks still have exposure due to data correlation.
Some marketing guy said, “Hey people are buying VPN, why aren’t we a VPN?” And so the engineers got an order “Make us a VPN!”. Of course the who reason people are using these services is because of perpetual felony wiretapping of consumer traffic by carriers. The engineers know that. But buerocracies don’t grow by becoming more efficient.
And maybe they can stir up some confusion if they end up in court (where they should have been years ago), by saying: “look, they wanted X, we built x! What more do you want from us?” To which the answer is: “Stay the fuck out of my interpersonal communications”.
The set a fire, and are now selling water. How nice of them.
Re: Re: Just never buy anything "privacy" from a major ISP/Telco
they’re selling gasoline in a bottle labeled water
List of good VPNs over at Torrentfreak
Torrentfreak keeps a yearly survey to check which of the main VPNs really keep you anonymous.
This year’s edition: https://torrentfreak.com/vpn-services-keep-anonymous-2018/
Re: List of good VPNs over at Torrentfreak
That is how I found out PIA doesn’t keep logs, and why I use them. I have it installed on my router so that all my outgoing and incoming are via the VPN. This Techdirt offer wasn’t available then.
Re: Re: List of good VPNs over at Torrentfreak
How do you know? Because they said so?
Re: Re: Re: List of good VPNs over at Torrentfreak
Well yes, but since then they have been hauled into court and had nothing to disclose. They provably (apparently) had nothing to disclose. Try these search terms: “Private Internet Access court”, there are too many links to list here.
Re: Re: Re:2 List of good VPNs over at Torrentfreak
This is blatantly untrue. I’m really sorry you are gullible.
The company is run by, among other people, the former executive of Mt. Gox (biggest bitcoin heist/hack/theft in history)
Not to mention that on NOW NUMEROUS DOCUMENTED occasions the company has openly cooperated with the FBI in investigating some silly bullshit.
Re: Re: List of good VPNs over at Torrentfreak
PIA is based in the US and is therefore subject the the Patriot Act.
If the company is not strait government then it is most certainly compromised by them.
Try one of the ones in Europe where human rights is still a thing.
Re: Re: Re: List of good VPNs over at Torrentfreak
That not only sounds like an assumption (ass u me) but what the hell does it have to do with the Patriot Act?
It could be that the government has compromised every tech related company in the US, but there is no proof of that, yet. Got some?
Re: Re: Re:2 List of good VPNs over at Torrentfreak
I nominate this for the asinine comment of the week.
Many years before Snowden leaked his earth-shattering NSA revelations, and shitty Booz-Allen PowerPoint slides, WIRED did a very thorough piece on the brand new NSA Data Center in Utah.
Everything could be easily inferred from the WIRED article, but because of our failed education system, logical inference always lost to that one lone bubble head asking for “proof”
Lets be honest here, if Verizon actually wrote something, who would trust them enough to believe them?
Re: Re:
[Verizon employee] “I am contractually obligated to belioeve them!”
Hello, Wolf.
You say you want to guard my sheep? Yeah, I don’t think so.
Bad Idea of the Week
Ooooh close tie with West Virginia for cellphone voting!
Virtual Private Network.
Verizon.
Privacy. Verizon.
Oxymoron of the century.
Re: Re:
So far, we have a way to go and I am uncertain others won’t be more obtuse.
Simple misunderstanding
This isn’t a Virtual Private Network. This is a Verizon Prying Network. It’s right there in the initials: VPN.
Wrong. It is the MOST secure
after all, the traffic is routed through the NSA datacenter…
Instead of using Verizon’s VPN to keep my data safe I just have a ticker running around my house displaying it.
I mean is anyone really surprised? Ppl are much better off using a secure VPN. Off the top of my head, ExpressVPN, Nord and PIA are all solid alternatives.
My VPN Policy
Never, EVER trust your data to a VPN you didn’t create, don’t maintain, and can’t control. And for Goat’s sake, ENCRYPT YOUR DNS LOOKUPS! It’s the 21st Century and DNS is still out in the open for almost everyone, and ISPs gobble it up. For $5 a month you can spin up a droplet at digital ocean running Ubuntu Server 18.x and add OpenVPN and a few little gizmos and tweak it a bit and you’ve got your very own hardened VPN that you control.
Re: My VPN Policy
Yes, I do agree with your suggestion. One can not rely on these free VPN’s that are very common in the market. But, instead one should go for a dedicated DigitalOcean server. However, managing the VPS can be a very tricky and time taking job to avoid this hassle you can directly go for the managed DigitalOcean
server
https://www.cloudways.com/en/digital-ocean-cloud-hosting.php
and enjoy the ultimate hosting server experience
Why would anyone go for this shady ass vpn? There’s so many good providers out there who already proven that they keep no logs. Not to sound like a shill but I personally use Nord vpn and I know my data is safe, even if I wouldn’t say I’m a very trustful person. I’ve done my research and that’s the provider I went for considering quality/price. You might wanna go for Express or PIA too, but just don’t be so stupid to go for something no-one ever tested. Learn from other peoples mistakes, not from your own.
I don’t know, am I the only one who can’t trust this s***? Especially, when there are better alternatives, that are secure, cheap and offer a high-quality service. Choose providers like NordVPN, PIA or smth else (I use Nord because it works with Netflix).
Techcrunch just went too far… they found one non namable researcher who was full of "could have been" ideas to cast doubt on everything… and actually nobody cares enough to read about what happened. Don’t forget that Techcrunch is owned by the company who has a Vpn service, so they just want to take their competitor down. Read the full Nordvpn blog post – they gave the proper response and put protections in place to make sure it won’t happen again.
Newly launched VPN is very helpful for people as I have personally experienced it after installing it in my laptop. It is very easy to use and doesn’t require private information’s access so I really like it. Developers have done a splendid job to create this VPN to help people. I prefer to visit https://vpncoffee.com/vpn-kodi website for protecting my privacy over internet.
I think that you should check <a href="https://fivebestvpn.com/best-vpn-for-torrenting/“>this blog</a> for the best VPN solution. I’ve gathered a different option to compare.