If you’ve been keeping up with the news recently, you probably heard that our Congresspeople have sold us out to our internet service providers (ISPs). ISPs can, in turn, sell our data to advertisers.
This has many privacy advocates up in arms. It might not have a drastic change to our current internet browsing habits, but it has shed light on a continuing debate around privacy, security, and the rights of citizens versus those of corporations.
Many people are suggesting VPNs as a way to fight this new ruling. But what exactly is a VPN, and it is really something you need?
What’s this all about, anyway?
Before we dive into the solution, we should talk about the problem. The Senate recently voted to eliminate privacy rules that were set to go in place later this year. Proposed by the Obama administration, these rules would require ISPs to get explicit permission from users before selling their browsing history and data to advertisers.
ISPs argued that this was onerous compared to the rules put in place for parties like Facebook and Google, who already do sell your information to advertisers. It’s true that advertisers have your information – it’s why you can search for something on Amazon and see ads for it in your Facebook news feed – but there are a few important distinctions here.
First, you should know that "your information" isn’t really "you." Your identity is masked; there isn’t "John Smith at 100 Main St" attached to it. So even though you can be identified as a user enough to serve relevant ads, it’s not your personal identity that’s being tracked. That may be trivial to some people, but to others it can provide peace of mind.
Second is that we allow sites like Facebook and Google to use our information. It’s part of us agreeing to use their (mostly free) services. Internet access is a different story. Many people pay upwards of $50 a month to access the internet, so we’re already paying for it. If we don’t like what Facebook or Google are doing, we can choose not to use those sites; if you don’t like what your ISP is doing, you’re lucky if you have another provider option (luckier if said alternative isn’t doing the same thing your previous provider is). ISPs also have access to a lot more information – basically, all of your internet browsing history.
ISPs have decided to give users the ability to opt out of this data-selling. That’s great, but it puts the burden on the user. When does this go into effect? How does one opt out? Will that have implications on how much we pay for internet service? No one knows the answers to these questions, and that’s the way the ISPs want it: users may not go through the trouble of opting out if they’re automatically opted in.
Finally, since the rules weren’t yet in effect, this doesn’t actually change anything. The way you browsed the internet yesterday is the way you’ll browse it today. That’s not to say that everything is fine, but this isn’t a huge shift and an immediate threat to privacy. Instead, it another step in the long, slow burn of our privacy.
(That’s better, right? Right?)
Don’t want your information available to the highest bidder? There’s a lot of advice going around out there about how to keep yourself off the radar. Some people are suggesting you delete your browser history. That’s a dumb suggestion, because it doesn’t address the issue at hand. It’s about as useful as using a private browser window. (Note: Using a private browser window also won’t help.)
If you truly want to keep your browsing data private, your best option is to set up a VPN.
What exactly are VPNs?
A VPN is a virtual private network. In normal browsing, your ISP can see the data that goes across its network. A VPN creates a private session without you needing to physically switch to a new network (hence the virtual part).
How does it create this private network? By encrypting your data. Your information is encrypted before it leaves your device. Once it reaches the VPN server, your data is decrypted. This keeps your ISP from knowing what you’re doing online, because they basically just see you connecting to the VPN server. And because consumer VPN services are software, you can use them just about anywhere without being tied down to your home computer.
Who would use a VPN?
Does this sound more high-tech than you’re comfortable with? Surprisingly, you might already be using a VPN even if you didn’t know it.
Businesses use them often to allow secure remote access to networks. So if you’re ever had to work from home, there’s a good chance you’ve used a VPN.
Since it masks connections, people also use VPNs to get around geo-blocking. Some sites and services are blocked or changed depending on where you’re located. For example, Canada has a different Netflix library than the U.S. Or, more seriously, Twitter – a valuable tool for journalists – is banned in Iran and other countries. VPNs can allow users to spoof their location and get around these restrictions.
And, now, regular folks can get in on the VPN fun. It’s not an unreasonable move to make: between government programs, a torrent of data breaches, and this latest news, who wouldn’t want some measure of privacy and security online? You don’t have to be up to something nefarious to want to protect yourself.
The dangers of VPNs
VPNs sound great, right? VPNs for all!
But there’s a trade off for privacy and security and, unfortunately, that trade off is...privacy and security.
When you use a VPN, you’re replacing one entity that can look at your data – your ISP – with another company that can do the same thing – the VPN company. Now, the latter isn’t supposed to do that, but they could. That One Privacy Site has a nice roundup of various popular VPNs and the information they do and don’t retain. You have to trust that this company will keep your information private and not just sell it like the ISPs want to do.
You also have to trust that they’ll actually do what they’re supposed to do and encrypt your information. A recent study showed that 18% of VPNs available on Android didn’t encrypt their traffic. That defeats the whole purpose, leaving you exposed.
The moral of the story is you need to do your research when deciding which VPN you use. Otherwise you might as well not use one at all.
Choosing a VPN
Okay, so which VPN provider is the right one?
That answer is different for different people, but one important distinction to keep in mind is whether or not a VPN is a free or paid service. These companies make money somehow, and if it’s not through a subscription fee, it’s probably by selling you information or serving you ads. If you want real protection, pony up the $7-10/month for a solid service.
Some popular VPN providers are:
- Private Internet Access. One of the most widely-used VPNs, and one that scores pretty highly using That One Privacy Site’s criteria. Starts at $3.33/month for an annual subscription. Available for Windows, Mac, iOS, Android, and Linux devices.
- NordVPN. NordVPN is the highest-rated VPN by PC Magazine. Starts at $5.75/month for an annual subscription. Available for Windows, Mac, iOS, and Android devices (provides tutorials for use on other operating systems).
- TunnelBear. Known for its ease of setup and use. Free for 500MB of data/month, paid services start at $4.17/month for an annual subscription. Available for Windows, Mac, iOS, and Android devices.
- Cloak. Popular among Apple users, but scored poorly by That One Privacy Site in terms of logging and leak protection. Starts at $3.99/week, with team package discounts available. Available for Mac and iOS devices.
For more VPN options, check out the suggestions on That One Privacy Site and TorrentFreak.
Don’t feel like securing your entire system? Want to dip your toes into the world of anonymous web browsing first? There are some browser-only alternatives available to try. This means that your practices are only secure when you’re using that browser; otherwise, it’s as available as it would be if you weren’t using a VPN.
Opera has a free built-in VPN option that allows for unlimited data. You don’t have to download anything other than the browser, you can see how much data you’re using, and you can choose to enable the VPN option only if you have a private window open. Plus, Opera is doing some pretty funky things with Opera Neon, so maybe now’s the time to revisit the classic browser anyway? For mobile devices, you’ll need to download the Opera VPN app. Also note that Opera was bought last year by a Chinese group, so take that for what it’s worth.
The Tor browser isn’t technically a VPN, but it is another free, popular choice for anonymizing and encrypting your browsing habits. From their site:
Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.
You know those thriller movies where the heroes can’t track the evil hackers because they’re bouncing a signal across the globe? Think of it like that, but not ridiculous. Tor also provides the Orbot and Orfox apps to bring secure browsing to Android devices.
Finally, you can download a TunnelBear (mentioned above) browser extension for your existing browsers like Google Chrome, but you’ll still need to subscribe to get unlimited data.
Do you need a VPN? That depends on what you’re doing online and how concerned you are about your privacy. If you don’t particularly care, and want to carry on the way you have been, you likely won’t see any change in how the world works, at least for now. But there’s no harm in looking into a VPN. At worst you’re familiarizing yourself with basic internet security protocols. At best you’re protecting your information from parties you don’t want seeing it.
Either outcome is pretty good.