When I used my first VPN many years ago, VPNs were associated with bad actors like hackers and scamsters. A VPN changes your IP address which means you ‘virtually’ appear to be from a different location. This is one of the reasons scamsters love using VPNs and how they got a bad reputation among average, non-techie users.
In those days, most of us were not yet aware of the value of our online data and the need of protecting our privacy. “I’ve got nothing to hide.” was the general perception.
I might be exaggerating a bit but data is the new oil. If you think no one is interested in your data, private information, browsing history and basically every move you make online, you could use some more awareness on this topic. From companies like Facebook and Google whose business basically depends on our data and browsing habits to hackers who are interested in stealing our personal information and scam us — our data is worth more than we think.
Whether you are at home using your ‘trusted’ network or at an airport, cafe, hotel or somewhere in the street where you connect to a ‘free’ WiFi, you are at the risk of giving away your information to authorities, ISPs, and bad players.
The more we rely on technology, the more information we are giving away to preying eyes. So what do we do? Shut down our devices and disconnect from the internet? Only if that was easy. And this dependence on technology is the reason why we should think about digital privacy.
What is a Virtual Private Network (VPN)?
From the fact that you are reading this article, I will assume that you have an idea about Virtual Private Networks and you know why you should be using one.
So I will not get into details, but in short, VPN is a private ‘tunnel’ between two devices on internet. Imagine sending an open postcard to your friend which anyone can read versus a sealed, gibberish letter only you and your friend can understand. The latter is VPN which ‘encrypts’ your data before sending it over the internet. So even if someone gets the hold of this data, they can’t understand what it is.
If you don’t know what is a VPN, how much an Internet Service Provider knows about you, what does DNS leak mean, and convincing reasons to start using a VPN, then give the following articles a good read first. Also watch Glenn Greenwald’s TED Talk ‘Why Privacy Matters.’
Before listing out privacy-focused VPNs, it’s worth mentioning that VPN is not a one-stop solution for everything that sucks in terms of your digital privacy. Having a VPN is better than having no protection at all. But at the same time, you also need to change your browsing habits, be more aware of your privacy and the value of your data, and consciously decide whom you trust online.
Keep in mind that by using a VPN, you are transferring your trust from your ISP to VPN provider. Also remember that VPNs can be useful for privacy but can not guarantee your anonymity. Also, a VPN is of no use if your device is infected with malware designed to steal your data or to spy on you.
Choosing a Privacy-focused VPN Service
There are hundreds of Virtual Private Networks to choose from. They are free, paid or both. If you are using a VPN to safeguard your privacy, forget about the free VPNs because it’s highly possible that their business depends on your data.
Although there is no guarantee that a paid VPN is better, there are ways of judging and choosing one to trust. No one, including this list, can tell you which VPN is the ‘best’ for you. Use your common sense and decide according to your threat model.
The VPNs mentioned in this list were chosen based on the following points:
- Clear policies: Are their policies clear and easy to understand for an average user?
- Prevention of DNS leaks: DNS leaks can expose DNS requests to ISP’s DNS servers. Does a VPN prevent this?
- Independent audit: Whether the VPN service has been independently audited by a third-party and their claims have been found to be true.
- Reputation: What are people — users, not review sites — talking about the VPN, are they known to have compromised users’ privacy, how is their attitude towards safeguarding their users etc.
- Transparency: Does the provider publish transparency reports?
- How much information they collect and keep: While visiting their website, creating an account, making a payment, or logging into their client, which information is collected and why.
- Supported protocols: Do they still use old VPN protocols like PPTP or L2TP? Do they support WireGuard?
- Ease of use: How easy is it to setup the VPN on your devices?
- Killswitch: Does the VPN client stop the traffic in case it gets disconnected?
- Payment methods: Does the provider offer different online or offline payment methods, including cash and cryptocurrencies?
- Marketing tactics, affiliate programs etc.: Review sites should help you choose the right product. Instead, you see the same two or three services mentioned as the ‘best’ all over the internet. These ‘reviews’ are part of companies’ marketing strategy and could be sponsored or motivated by their handsome affiliate programs.
This list does not focus on:
- Reviewing every VPN service with in-depth analysis or verifying their claims.
- Finding a VPN which is primarily used for accessing services like Netflix and Spotify or watching sports matches in a region where they are not officially available (geo-blocked content).
- Suggesting a VPN which helps you hide torrenting/P2P activities.
- Users whose goal is to use a VPN for illegal activities.
- Helping choose the right VPN for users in countries where it could be illegal to use one. I do not have first-hand experience of this situation and I don’t hold expertise to help you choose a VPN.
- Free VPN service providers who possibly spend more money on their service than making and make you wonder — ‘How do they make money?’
The goal of this list is not to convince you to start using a VPN or make you paranoid by screaming “EVERYONE MUST USE A VPN.” If you don’t have reasons to start using a VPN, you are probably better off without it. You don’t need a VPN, but if you want to use one, you can choose one from this list.
3 Privacy-focused VPNs
Launched in 2009, Mullvad is a Sweden-based VPN service provider which I have been using at least for the last two years. This is one of those VPNs which you will often not find mentioned or recommended on many review sites.
Mullvad has clear policies which are easy to understand for an average user. They don’t have bandwidth-throttling or any limits on traffic. There’s no affiliate program or flashy landing pages to desperately convince why you need to pay them your money. Mullvad has also been through a security audit.
Mullvad has been an early adopter of OpenVPN and now WireGuard, as well as offering IPv6 support. Since 2017, Mullvad is also experimenting with post-quantum VPN tunnel.
At the time of writing this, they operate 535 servers in 35 countries, out of which, 152 servers support WireGuard. They also maintain a list of server locations and whether they are owned by themselves or rented. For those who use TOR, Mullvad has an onion address, too.
Mullvad does not have different plan to choose from. They have a simple 5 Euros per month subscription and you can pay as much as you want to use it for. 60 Euros, for example, will give you one year of validity. You can use Mullvad on up to 5 devices at the same time.
One of the best things I like about Mullvad is that you don’t need to provide any personal information while signing up for an account. You simply go to their website and generate a random account number which can be used to login to their apps. You can choose to pay by card, PayPal, Bitcoin or even cash.
The lack of native iOS and Android apps could keep you from using Mullvad easily on your phones. Although the OpenVPN app can be used to configure Mullvad on both iOS and Android. An official Android app is already released in beta.
Borrowed from Reddit: “If I was paying for a VPN, it would be Mullvad.”
Operated by Gibraltar-based Privatus, IVPN is an independently audited VPN provider found to keep no logs of user activity. They are also undergoing a security audit.
IVPN traffic is encrypted with 256-bit AES encryption and they operate their own DNS to prevent DNS leaks. WireGuard is supported and they also offer an anti-tracker tool (can be turned on optionally) which stops websites from tracking your activities and blocks ads.
IVPN’s policies and user guides are easy to understand. Their open support for organisations and projects like EFF, Tor, and Open Rights Group, and the efforts to educate users about privacy are also commendable. The IVPN Facts page lists plenty of facts and information about the provider and they also maintain a Warrant Canary.
IVPN offers two plans to choose from: The Standard plan offers access on 2 devices at the same time for $60 per month if paid yearly. The Pro plan increases the number of devices to up to 7 and allows access to multi-hop and port forwarding. IVPN charges $100 for Pro plan if paid yearly. Their monthly plans start at $6 for Standard and $10 for Pro.
There are multiple ways to subscribe to IVPN that include credit cards, Paypal, Bitcoin, and cash. Their 3-day free trial, however, is only offered if paying via card or PayPal. Cash payment can be used only when subscribing to a yearly plan. IVPN account can be deleted right from the client area on their website.
IVPN operates 64 OpenVPN and 14 WireGuard serves in 32 countries. Windows, macOS, iOS, and Android apps are available while Linux, NAS, and routers are also supported with IVPN configuration.
The discontinuation of IVPN’s affiliate program in 2016 exactly aligns with my point on why such programs and sponsored ‘reviews’ can be manipulated. Their ethics page is also worth reading.
Proton Technologies AG — the Switzerland-based company behind ProtonVPN — was founded in 2014 by a team that met at CERN. Their first product was ProtonMail — a well-known name that comes in mind when you think of ‘secure email service.’ ProtonMail now boasts ‘over one million users’ and was made possible after a successful crowdfunding campaign.
ProtonVPN is their second product which, according to their About page, was ‘born out of a need to better protect the activists and journalists that use ProtonMail.’ Whether you use ProtonMail or not, if you think of a privacy-focused VPN, ProtonVPN is a name I would trust.
Beside their no-log policy, ProtonVPN features include Secure Core architecture (which routes traffic through multiple servers before leaving the VPN network), traffic encryption with AES-256, Perfect Forward Secrecy (a new encryption key is generated with each connection), and support for IKEv2/IPSec and OpenVPN protocols only.
ProtonVPN’s paid plans start at 5 Euros a month which gives you access to all their serves with usage on up to two devices at the same time. Their 10 Euros plan provides some more features like Tor servers and connections on eight devices simultaneously.
If paid yearly or two-yearly, you pay 4 or 3.29 Euros for Basic plan, respectively. They also offer a free plan which provides access to servers in three countries on one device at a time with capped bandwidth.
While creating an account with ProtonVPN, you have to provide an email ID which is used for account recovery. Payments can be done by cards, PayPal, Bitcoin or cash. An account can be deleted from the user area on their website.
Although not major cons, ProtonVPN does not support WireGuard or IPv6 yet. They are working on WireGuard implementation though.
Other VPNs Worth Mentioning
Based in Canada and owned by McAfee — A U.S company in turn owned by Intel, TunnelBear offers a free plan with 500 MB and Unlimited plan for $4.99/month with up to 5 connections and unlimited bandwidth. Easy-to-use apps for Mac, Windows, iOS and Android are available (I have not used it on Windows).
Apart from a blog post announcing the acquisition, their relation with the parent company is not visible on their website, including their about page. The fact that it’s located in Canada and owned by a giant U.S. corporation is a bit of a turn off for me. Nevertheless, I do occasionally use their service when I want to connect to a public WiFi and browse for a while.
Although I have not tried it, AzireVPN looks promising. Launched in 2012 and based in Sweden, AzireVPN promises to have no-logging policy. They operate a network of their own hardware — with ‘all installations, upgrades and maintenance done by in-house certified technicians.’ At the time of writing this, AzireVPN has 32 servers in 9 countries. All their servers are configured to work without a permanent storage.
AzireVPN prices start at 3.25 Euros per month if subscribing for two years. A one month subscription costs 5 Euros. A subscription supports up to 5 devices at the same time. Email is required at the time of signing up and payment can be done via cash, cards, PayPal, and some cryptocurrencies.
Their About Us page does not mention people behind the company.
Privacy-focused VPNs: Summary
In the digital age, everything we do online has a price attached to it. It took us a long while before we could understand how and why companies provide us products and services for ‘free.’ While we can’t unplug ourselves completely from the internet, we can be more aware of our digital privacy.
Using a Virtual Private Network does not guaruntee your privacy and does not make you anonymous. It’s mostly a matter of whom do you trust more — an ISP or a VPN provider. Before starting to use a VPN, educate yourself on the topic and use your common sense to decide what is better for you.
That’d be all, folks. This was a list of 3 privacy-focused VPNs I trust. I hope you found this article useful and I would like to thank you for reading.
Which VPN do you use? How do you choose a VPN? Do share your suggestions and experiences.
Disclosure: This list is not sponsored by any of these VPNs. Services mentioned in this list carry no affiliate links. Their mention is based on my own experiences.
Support Me: If this article/tutorial helped you today, please consider supporting me and help me run frunction.com