If you take a step back and consider how much of your life is transmitted over the inherently insecure internet, you may feel a creeping sense of dread. That’s reasonable, considering the forces arrayed against your privacy. One of the best ways to secure your data is to use a virtual private network (VPN), which also provides some control over how you’re identified online.
What Is a VPN and How Does It Work?
Simply put, a VPN creates a virtual encrypted tunnel between you and a remote server operated by a VPN service. All external internet traffic is routed through this tunnel, so your data is secure from prying eyes. Best of all, your computer appears to have the IP address of the VPN server, masking your identity.
When your data reaches the VPN server, it exits onto the public internet. If the site you’re heading to uses HTTPS to secure the connection, you’re still secure. But even if it was intercepted, it’s difficult to trace the data back to you, since it appears to be coming from the VPN server.
To understand the value of a VPN, it helps to think of some specific scenarios in which a VPN might be used. Consider the public Wi-Fi network, perhaps at a coffee shop or airport. Normally, you might connect without a second thought. But do you know who might be watching the traffic on that network? Can you even be sure the Wi-Fi network is legit, or might it operated by a thief who’s after your personal data? Think about the passwords, banking data, credit card numbers, and just plain private information that you transmit every time you go online.
If you connect to that same public Wi-Fi network using a VPN you can rest assured that no one on that network will be able to intercept your data—no other users snooping around for would-be victims, nor even the operators of the network itself. This last point is particularly important, and everyone should keep in mind that it’s very difficult to tell whether or not a Wi-Fi network is what it appears to be. Just because it’s called Starbucks_WiFi doesn’t mean it’s really owned by a well-known coffee purveyor.
Another example showing the value of VPNs is using these services to access blocked websites. Some governments have decided that it is in their best interest to block certain websites from access by all members of the population. With a VPN, those people can have their web traffic securely tunneled to a different country with more progressive policies, and access sites that would otherwise be blocked. And again, because VPNs encrypt your traffic, it helps protect the identity of people who connect to the open internet in this way.
For the most part, VPN clients are the same for both Windows and macOS. But that’s not always the case, and I have found marked performance differences depending on the platform. I have split out reviews of Mac VPN applications, in case you’re more into fruit than windows. Note that you can skip client apps altogether and connect to the VPN service simply using your computer’s network control panel. You’ll still need to sign up with a VPN service, however.
For mobile devices, the situation is a little thornier. Most companies offer VPN apps for Android and iOS, which is great because we use these devices to connect to Wi-Fi all the time. However, VPNs don’t always play nice with cellular connections. That said, it takes some serious effort to intercept cellphone data, although law enforcement or intelligence agencies may have an easier time gaining access to this data, or metadata, through connections with mobile carriers or by using specialized equipment.
While VPN apps are fairly similar in look and function regardless of mobile platform, iPhone VPNs often use different VPN protocols than their Android counterparts. This is fine for the most part, however. In some cases it may represent an actual bonus, as iPhone VPN developers do the extra legwork Apple requires to use newer, more robust protocols.
Among the enemies to free speech and privacy, there are two three-letter groups to be especially concerned about: the NSA and your ISP.
Through years of reporting and the Snowden leaks, we now know that the NSA’s surveillance apparatus is enormous in scope. The agency has the ability to intercept and analyze just about every transmission being sent over the web. There are jaw-dropping stories about secret rooms inside data infrastructure hubs, from which the agency had direct access to the beating heart of the internet. With a VPN, you can rest assured that your data is encrypted and less directly traceable back to you. Given the mass surveillance efforts by the NSA and others, having more ways to encrypt your data is a good thing.
Your ISP may already be involved in some of these spying operations, but there’s an even-newer concern. The FCC recently rolled back Obama-era rules that sought to protect net neutrality, and in doing so allowed ISPs to profit off your data. The ISPs wanted a slice of that big data monetization pie that has fueled the growth of companies like Facebook and Google. Those companies are able to gather huge amounts of information about users, and then use it to target advertising or even sell that data to other companies. ISPs now have the green light to bundle anonymized user data and put it up for sale.
While it is true that companies like Google and Facebook make money off your behavior, you are not necessarily forced to use those services. If you suddenly decided to stop using Facebook, you might miss out on cute pet pics and political rants from your friends and family, but you could still live a decent, perhaps better, life. You could even choose to avoid the Google-o-sphere entirely by using the privacy conscious DuckDuckGo for your web searches, or drop the Google-backed Chrome for the nonprofit Firefox.
You don’t have this same level of choice when it comes to your ISP—your home’s gateway to the entirety of the internet. While there are alternatives to Google and Facebook, most Americans have limited home ISP alternatives. Some areas have only one ISP offering wired internet access. That makes recent changes that allow ISPs to sell data from their customers all the more troubling. It’s one thing to opt into a shady system, it’s quite another to have no choice in the matter.
“ISPs are in a position to see a lot of what you do online. They kind of have to be, since they have to carry all of your traffic,” explains Electronic Frontier Foundation (EFF) senior staff technologist Jeremy Gillula. “Unfortunately, this means that preventing ISP tracking online is a lot harder than preventing other third-party tracking—you can’t just install [the EFF’s privacy-minded browser add-on] Privacy Badger or browse in incognito or private mode.”
What a VPN Won’t Do
We should note that there are multiple ways your behavior can be tracked online—even with a VPN, things like cookies allow web services (Amazon, Google, Facebook, and so on) to track your internet usage even after you’ve left their sites (here’s a handy guide to pruning cookies on your browser.)
VPNs also only anonymize your online activities so much. If you really want to browse the web anonymously, and access the dark web to boot, you’ll want to use Tor. Unlike a VPN, Tor bounces your traffic through several server nodes, making it much harder to trace. It’s also managed by a non-profit organization and distributed for free. Some VPN services will even connect to Tor via VPN, for additional security.
It’s worth noting that most VPN services are not philanthropic organizations that operate for the public good. While many are involved in progressive causes, they are all still for-profit organizations. That means that they have their own bills to pay, and they have to respond to subpoenas and warrants. They also have to abide by the laws of the country in which they officially reside.
It’s easy to want to find the perfect, magical tool that will protect you from all possible threats. But the honest truth is that if someone targets you specifically and is willing to put forward the effort, they will get to you. A VPN can be defeated by malware on your device, or by analyzing traffic patterns to correlate activity on your computer to activity on the VPN server. But using security tools like a VPN ensure that you won’t be an easy target, or get scooped up in mass surveillance.
The Complications of Privacy
We heartily reject the idea that security and convenience are necessarily at odds. There are, however, some notable complications that arise from using a VPN. These aren’t deal-breakers, but they warrant consideration.
Chromecast and other streaming protocols send data over your local network, but that’s a problem when you’re using a VPN. If you encrypt the data coming from your laptop, your Chromecast or AppleTV won’t have a clue what to do with it. Likewise, smart home devices may be gathering lots of data about you and your home that you’d rather not have intercepted. Unfortunately, these devices simply cannot run VPNs. The solution for both problems is to move the security up a level by installing a VPN on your router. This encrypts data as it leaves your safe home network for the wild web. Information sent within your network will be nicely unencrypted, and any smart devices connected to your network will enjoy a secured connection.
Do you like Netflix? That’s too bad, because Netflix hates VPNs. The problem is that Netflix in England is different from Netflix in the US, which is also different from Netflix in Australia, and so on. Just because you can see your favorite in one country doesn’t mean you can watch it in another. The company has a complex global web of regional licensing arrangements, and it has a very real interest in making sure people don’t circumvent the resulting restrictions.
In order to ensure that you can’t access streaming content that is not licensed for your region, Netflix blocks most VPNs. Some VPN services, however, work hard to ensure their customers can still stream movies and TV shows. It’s something of a cat-and-mouse game, and a VPN that works with Netflix today might not work tomorrow.
Similarly, many VPN companies would rather not have to deal with the legal implications of their services being used to download via BitTorrent. BitTorrent is, of course, not inherently illegal but it is often used to pirate copyrighted material. Several VPN companies outright ban BitTorrenting on their servers, while others restrict its use to specific servers.
Another major concern with VPNs is speed. After all, a VPN is making your internet connection jump through many more hoops than normal. In general, using a VPN is going to increase your latency (or your “ping”), and decrease the speed at which you upload or download data. It’s very difficult to say definitively which VPN will have the least impact on your browsing, but extensive testing holds up PureVPN as the fastest VPN we have reviewed.
While download speeds are one thing, gamers have particular concerns when it comes to internet connections. While there are some VPNs for gaming, they are few and far between. But many VPNs offer split-tunneling, which routes the traffic from some applications outside the VPN. It’s less secure, but also has less impact on latency.
Protection Yourself With a VPN
When the internet was first being pieced together, there wasn’t much thought given to security or privacy. At first it was just a bunch of shared computers at research institutions, and computing power so limited that any encryption could have made things extremely difficult. If anything, the focus was on openness, not defense.
Today, most of have multiple devices that connect to the web that are vastly more powerful than the top computers of the early days. But the internet hasn’t made a lot of fundamental improvements. Consider that it is only in the past few years that HTTPS has become widespread.
This means that, unfortunately, it is up to individuals to protect themselves. Antivirus apps and password managers go a long way toward keeping you safer, but a VPN is a uniquely powerful tool that you should definitely have in your personal security toolkit, especially in today’s connected world. Whether you opt for a free service or even go all-in with an encrypted router, having some way to encrypt your internet traffic is critically important.