(Spoiler: Your Data Isn’t so Private After All)
So, you wanted to protect your online privacy and got yourself a free VPN. You felt a surge of adrenaline as you turned it on and started browsing the web.
No longer was your personal data at the mercy of your ISP or DNS servers. You thought that you'd escaped from the tracking technology of personalized ads and that you were 100% secure.
Well you thought wrong!
“Nothing is truly free" is a saying that rings true especially for free VPNs. True, you may not be paying anything directly, but what you may not know is you're still paying with something else more valuable - your personal data.
How can this be possible? Read more and find out how free VPNs make money from you!
1. They Insert Cookies, Web Beacons, and Pixels
Normally, being offered a cookie is great, especially if you have some milk on hand,but, not when they’re browser cookies. These little packets of data can track your browsing history without you even knowing about it.
Web beacons are similar to browser cookies in that they can also track your internet usage by using a clear picture file.
Tracking pixels are graphics with 1x1 dimensions that are loaded every time you visit a website or email and are used to track certain activities.
So, what do these three have in common? They all track your online habits in some way.
Free VPNs make money from you by permitting advertisers to insert these little trackers that collect information about your browsing history.
2. They Show You Ads
Letting advertisers access your data isn’t the only way free VPNs make money from you. They also make more money by letting their partners or sponsors display ads while using their service.
True, most ads may not be obtrusive enough to be a real bother, but they can still make the whole experience less enjoyable - not to mention annoying if you have to scroll down twice or thrice as much because they’re in the way.
What takes the cake would have to be those unskippable pop-up ads that require you to wait for a few seconds to a whole minute!
3. They Give Away Your Email to Their Business Partners
Some free VPNs give your email away to their business partners or third parties. This presents a huge problem because you never know what your email could be used for.
Ransomware, phishing, cryptojacking, and spam emails are just some of the cyber-threats that use email as an attack vector. This is why you should never allow anyone to mishandle your email - even your free VPN service.
4. They Make Your Computer an Exit Node for Paying Users
Most free VPNs also offer a paid subscription to their service. Normally, they let you use their free VPN service as a “free taste” of what their paid service offers. This means that they make money from their paid subscription and not from their free service.
The problem arises when a company offers their free VPN service wholly separately from their paid subscription. This is because they sell access to your network and computer, thereby, making it an exit node which other (paying) users can access the internet.
While this may not seem so bad an exchange for free VPN services, remember that being an exit node means that all the traffic made by other users goes through you- including illegal traffic. This could get you into a lot of trouble and you’re doing it at your own risk for free WHILE the company makes money from the paying users using you as an exit node.
5. They Sell Other Collected Information to Their Partners or 3rd Parties
If the free VPN you’re using doesn’t let their partners or 3rd parties track you, it may be because they (your free VPN provider) are doing it themselves and then selling the data they collected afterwards.
Some companies admit to doing this, but you still may not be aware of it since their notice to you is hidden away in their privacy policy - which, most of the time, is worded in legal jargon to keep you from fully understanding what you’re getting yourself into.
6. They Set Limits on Purpose
Remember the free VPNs that also offer paid services (#4)? The good ones will tell you outright that they’re only offering limited free services in the hopes that you’ll eventually upgrade to the paid subscription (which usually carries with it better services, anyway).
On the other hand, there are those that don’t warn you at all. They limit your data, bandwidth, and even disable peer-to-peer connections (torrents included) on purpose to manipulate you into upgrading to their premium service.
7. They Use Your Data for Marketing and Advertising Purposes
Some free VPNs tell you up front that they may (read: will) use your data for marketing purposes. This poses a threat because it means they are actually logging your data and using it to determine how best to sell you ads.
How is this different from numbers 1, 2, and 3? The difference is jurisdiction - specifically 14-eyes jurisdiction. Any VPN company situated in the countries under the 14-eyes jurisdiction can be compelled by their government or proper authorities to retain and surrender any and all data that may come into their possession - which includes your personal data that they logged.
8. They Openly Share User Data with Their Marketing Partners
Perhaps the most dangerous action a free VPN company can do is to openly share user data with their marketing partners. This differs from the preceding number in that this means that the free VPN and their marketing partner are basically one and the same entity as far as your personal data is concerned.
They are the most dangerous because they’re bluntly making you their “cattle” from which they can harvest the “milk” of your data. To these companies, your privacy, convenience, and safety come second to their money-making.
In the end
I don’t recommend using free VPNs. They sell/give away/share your information, let third parties track your internet traffic, show you ads, and even manipulate you by purposely setting limits. All of these acts ultimately mean that your privacy isn’t as secure as you thought it was.
If your free VPN doesn’t protect your privacy, why use it in the first place?
For more info on bad VPN practices, visit my original post: TheBestVPN: How Free VPNs Sell Your Data.
About the Author
John Mason is an Estonian based cybersecurity analyst/journalist who holds an MSc from Northumbria University. In his free time, he likes to give (free and paid) consultations and write about privacy related concerns, news, politics and technology. His work has been published in Tripwire, Digital Guardian, Glassdoor, StaySafeOnline and many more. His website is located here: JohnCyberMason.com
Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign.