Have you ever connected to a public Wi-Fi network and wondered if someone, somewhere might be able to see of your online activity? That’s entirely reasonable, considering the forces arrayed against your privacy. With a virtual private network (VPN), you can protect your information from prying eyes and regain a measure of privacy online.
What Is a VPN, and How Does It Work?
When you switch it on, a VPN creates an encrypted tunnel between you and a remote server operated by a VPN service. All your internet traffic is routed through this tunnel, so your data is secure from prying eyes along the way. Because your traffic is exiting the VPN server, your computer appears to have the IP address of said server, masking your identity and location.
To understand the value of a VPN, it helps to think of some specific scenarios in which a VPN might be used. Consider the public Wi-Fi network, perhaps at a coffee shop or airport. Normally, you might connect without a second thought. But do you know who might be watching the traffic on that network? Can you even be sure the Wi-Fi network is legit, or might it operated by a thief who’s after your personal data? Think about the passwords, banking data, credit card numbers, and just plain private information that you transmit every time you go online.
If you connect to that same public Wi-Fi network using a VPN you can rest assured that no one on that network will be able to intercept your data—not other users snooping around for would-be victims, nor even the operators of the network itself. This last point is particularly important, and everyone should keep in mind that it’s very difficult to tell whether or not a Wi-Fi network is what it appears to be. Just because it’s called Starbucks_WiFi doesn’t mean it’s really owned by a well-known coffee purveyor.
When you’re at home, you don’t have to worry as much about someone spying on the Wi-Fi network because you own the network. But a VPN can help here, too. Your internet service provider (ISP) has enormous insight into what you do online, and, thanks to Congress, your ISP can sell anonymized data about its customers. That means the company you pay for internet access is making money off your data.
“ISPs are in a position to see a lot of what you do online. They kind of have to be, since they have to carry all of your traffic,” explains Electronic Frontier Foundation (EFF) senior staff technologist Jeremy Gillula. “Unfortunately, this means that preventing ISP tracking online is a lot harder than preventing other third-party tracking—you can’t just install [the EFF’s privacy-minded browser add-on] Privacy Badger or browse in incognito or private mode.”
While it is true that companies like Google and Facebook make money off your online behavior, you are not necessarilyforced to use those services. If you suddenly decided to stop using Facebook, you might miss out on cute pet pics and political rants from your friends and family, but you could still live a decent, perhaps better, life. You don’t always have that choice when it comes to your ISP, which controls your home’s gateway to the entirety of the internet.
While there are alternatives to Google and Facebook, most Americans have limited home ISP alternatives. Some areas, like the New York City neighborhood I live in, have only one ISP offering wired internet access. That makes recent changes that allow ISPs to sell data from their customers all the more troubling. It’s one thing to opt into a shady system, it’s quite another to have no choice in the matter.
Here’s another example: Let’s say you’re traveling abroad, and you fire up your browser only to discover that you can only visit localized versions of familiar websites. Maybe this just means a different Google doodle, but it can also mean that the language of the websites you visit is now unfamiliar, certain sites are inaccessible, and some streaming content is out of reach.
With a VPN, you can connect to a server in a different country and “spoof” your location. If you’re outside the US, you can VPN back to a familiar location and access the internet (mostly) as usual. You can also do it in reverse: from the comfort of your home, you can pop over to a far-away VPN server, perhaps to access streaming video unavailable in the US.
VPNs can also grant access to blocked websites. Some governments have decided that it is in their best interest to block certain websites from access by all members of the population. With a VPN, it’s possible to tunnel to a different country with more progressive policies, and access sites that would otherwise be blocked. And again, because VPNs encrypt web traffic, they help protect the identity of people who connect to the open internet in this way. That said, governments are wise to this, which is why we’re seeing VPN use being blocked in Russia and China.
Do I Need a VPN On All My Devices?
Yes, you need a VPN on all your devices. For the most part, VPN clients are the same for both Windows and macOS. But that’s not always the case, and I have found marked performance differences depending on the platform. I have split out reviews of Mac VPN applications, in case you’re more into fruit than windows.
For mobile devices, the situation is a little thornier. Most companies offer VPN apps for Android and iPhones, which is great because we use these devices to connect to Wi-Fi all the time. VPNs don’t always play nice with cellular connections, but it takes some serious effort to intercept cellphone data. That being said, law enforcement or intelligence agencies may have an easier time gaining access to this data, or metadata, through connections with mobile carriers or by using specialized equipment.
Do you use a less common OS? That won’t necessarily protect you online. People spying on network traffic don’t care what kind of computer it’s coming from. Accordingly, we offer a roundup of the best VPNs for Linux, as well as tips for how set up a VPN on your Chromebook.
Note that you can skip client apps altogether and connect to the VPN service simply using your computer’s network control panel. In some situations, this is the only way to use a VPN, but it comes with major drawbacks. For one thing, it’s tedious. For another, client apps give you access to more features. Since you’re paying for the bells and whistles VPN companies offer, you may as well be able to use them.
Unfortunately, not all devices can run VPN apps. Your smart fridge, for example, isn’t a likely candidate for convenient app use. If this is a concern for you, you can configure your router to use a VPN connection, or purchase a pre-configured router from some VPN companies. This encrypts data as it leaves your safe home network for the wild web. Information sent within your network will be available, and any smart devices connected to your network will enjoy a secured connection. I haven’t tested this kind of setup, but I’ve come to believe it’s impractical for most people. There are plenty of situations, which I address below, where you’ll have to switch off your VPN, and that’s a bit trickier on a router than on a computer or mobile device.
What a VPN Won’t Do
We should note that there are multiple ways your behavior can be tracked online. Even with a VPN, things like cookies allow companies to track your internet usage even after you’ve left their sites. Fortunately, we have a handy guide to pruning cookies on your browser.
VPNs also only do so much to anonymize your online activities. If you really want to browse the web anonymously, and access the Dark Web to boot, you’ll want to use Tor. Unlike a VPN, Tor bounces your traffic through several server nodes, making it much harder to trace. It’s also managed by a non-profit organization and distributed for free. Some VPN services will even connect to Tor via VPN, for additional security.
It’s worth noting that most VPN services are not philanthropic organizations that operate for the public good. While many are involved in progressive causes, they are all still for-profit organizations. That means that they have their own bills to pay. They also have to abide by the laws of the country in which they officially reside, and respond to subpoenas and warrants from law enforcement.
This is why it’s so important to read the privacy policy for VPN services, and to find out where a VPN company is headquartered. NordVPN, for example, operates out of Panama, and is not subject to any laws that would require it to retain user data.
Things can get tricky when it comes to trusting a VPN. PureVPN, for example, handed over log information the company had to federal investigators building a case against a cyberstalker and general dirtbag. Some were surprised that the company had any information to hand over, or that it cooperated with investigators. It seems to us that PureVPN stayed within the bounds of its stated privacy policy. Just about every VPN company says that they don’t keep logs, but the extent to which they do or do not monitor usage isn’t always clear. Companies sometimes try to prove their privacy bona fides by commissioning third-party audits. That’s great, but it’s important to remember that not all audits are created equal.
It’s easy to want a perfect, magical tool that will protect you from all possible threats. But the honest truth is that if someone targets you specifically and is willing to put forward the effort, they will get what they’re after. A VPN can be defeated by malware on your device, or by analyzing traffic patterns to correlate activity on your computer to activity on the VPN server. But using security tools like a VPN ensure that you won’t be an easy target, or get scooped up in mass surveillance.
The Complications of Privacy
VPNs do have have practical drawbacks. Some sites and services look at VPN traffic as suspicious, and won’t let you connect. That’s a real problem, especially when it’s your bank you’re trying to reach. In situations like that, you can try a different VPN server, but you may have to wait until you can use a trusted network without a VPN.
Chromecast and other streaming systems send data over your local network, but that’s a problem when you’re using a VPN. Those devices are looking for streaming data from phones and computers on the same network, not from a distant VPN server. Some VPNs have options to allow local network traffic, or you could try using a VPN on your router, but the simplest solution might be to connect your computer to the TV by a physical cable.
Do you like Netflix? That’s too bad, because Netflix hates VPNs. The problem is that Netflix has a complex global web of regional licensing arrangements, and it has a very real interest in making sure people don’t circumvent the resulting restrictions. Just because you can see your favorite show in one country doesn’t mean you can watch it in another.
Some VPN services, however, work hard to ensure their customers can still stream movies and TV shows. It’s something of a cat-and-mouse game, and a VPN that works with Netflix today might not work tomorrow.
Similarly, some VPN companies would rather not have to deal with the legal implications of their services being used to download via BitTorrent. BitTorrent is, of course, not inherently illegal, but it isoften used to pirate copyrighted material. Very few VPN companies outright ban BitTorrenting on their servers, while others restrict its use to specific servers.
Another major concern with VPNs is speed. In general, using a VPN is going to increase your latency (or your “ping”), and decrease the speed at which you upload or download data. It’s very difficult to say definitively which VPN will have the least impact on your browsing, but extensive testing can give you some idea which service is the fastest VPN.
While download speeds are one thing, gamers have particular concerns when it comes to internet connections. While there are some VPNs for gaming, they are few and far between. But a few VPNs offer split tunneling, which routes the traffic from some applications outside the VPN. It’s less secure, but also has less impact on latency.
Protect Yourself With a VPN
When the internet was first being pieced together, there wasn’t much thought given to security or privacy. At first it was just a bunch of shared computers at research institutions, and computing power so limited that any encryption could have made things extremely difficult. If anything, the focus was on openness, not defense.
Today, most of us have multiple devices that connect to the web that are vastly more powerful than the top computers of the early days. But the internet hasn’t made a lot of fundamental improvements. Consider that it is only in the past few years that HTTPS has become widespread.
This means that, unfortunately, it is up to individuals to protect themselves. Antivirus apps and password managers go a long way toward keeping you safer, but a VPN is a uniquely powerful tool that you should definitely have in your personal security toolkit, especially in today’s connected world.
Which VPN Should I Use?
Our roundups of the best VPNs and the best cheap VPNs are excellent places to research the top choices, but here’s a quick list of our top picks if you just want to get started with online privacy protection right now.