Can you trust a US-based VPN?
After assuming the presidency of the United States, Donald Trump appointed Ajit Pai as the new Chairman of the Federal Communications Commission (FCC). Pai, who is a former Verizon lobbyist, is known for his opposition to net neutrality and industry regulations. As such, it didn’t come as a surprise when his first major act as head of the FCC was to announce plans that are set end neutrality in the United States. The FCC had previously implemented regulations intended to protect the data and privacy of internet users. However, Pai’s announcement at the end of April, signals the start of a process that will roll back the rules that would have prevented ISPs from profiting from customers’ information.
The 2015 Title II Order, which aimed to protect net neutrality and reclassified the services offered by the broadband industry as telecommunication services, will be rolled back. For years ISPs have tried to challenge the Open Internet rules in court. Now, under Pai’s command and following a bill signed by President Trump, the FCC is set to void the regulations that prohibited speed throttling, content blocking and that prevented ISPs from selling customer’s data (including browsing history) to third-parties. Although major names like Verizon and AT&T were quick to point out that they don’t sell their customers’ data and don’t intend to do so, the end of the regulations means that there is nothing that stops them and we will just have to take their word for it.
What are the implications of the roll back of FCC regulations?
Under the previous rules that the FCC just overturned, ISPs were required to ask for customer’s permission before selling their data. In addition, ISPs were obliged to protect data from online threats such as hackers, and they had to notify customers of any security breaches. The argument used by ISPs to oppose the FCC restrictions implemented in 205 and 2016, was that they only affected them and didn’t promote fair competition with other internet companies. After all, major names like Google and Facebook can profit from user’s data by selling advertising. Now that the previous blocks applied to ISPs have been overturned, they have the freedom to sell your data without asking you first.
As expected, this has caused significant concern among privacy conscious internet users, and the general public. While it is bad enough that the likes of Facebook and Google can sell your information to advertisers, at least they don’t have access to your entire browsing history. Their visibility ends when you are not using their services or websites and you don’t really need to have a Facebook account or use Google if you prefer not to do so. However, in order to be able to use internet, you need to pay for the service and ISPs can see pretty much everything you do online since your traffic is directed through their network.
The leading names in the broadband industry know that there is a lot of money to be earned by selling advertising. They are also taking the necessary steps to take control over online media by acquiring companies that produce the content that users are likely to access. For instance, Comcast owns NBCUniversal and Verizon bought Yahoo and AOL, and it intends to use their ad services to compete directly with Google and Facebook. Comcast owns NBCUniversal. With the new bill signed for Trump, the privacy rules to which ISPs were subject have been nullified, which enables Verizon, AT&T and other players to use customers’ data and to use tracking and advertising technology on their advantage. In the meantime, it seems that all that users can do is to trust that these companies will still give them a choice when it comes to their own privacy.
Using a VPN to protect your data
With the end of the FCC’s rules about internet privacy, the popularity of VPNs has increased significantly. The fact that ISPs can sell user’s data and that they are not required to prevent and report data breaches, has left privacy exposed to major threats. Since a VPN is designed to encrypt your online traffic, preventing your ISP from seeing the websites you visit, your IM chats and everything else you do on the internet, many people are considering this technology to defend their right to privacy. Using a VPN along with an anti-virus and an ad-blocking solution can boost the protection to your data. Your activities on the internet won’t be accessible to your ISP, spies or attackers who are trying to intercept your information.
If you are looking for an option that makes privacy a priority, you need to make sure that they don’t keep logs. A zero logs option is ideal, but the main thing is that your online traffic is not monitored or recorded. Some providers keep some connection logs (such as timestamps, duration of the sessions, etc) for troubleshooting purposes. Although those who are focused on the highest level of privacy will have an issue with this practice, for most users, as long as the provider doesn’t log online activities, there shouldn’t be an issue. Logging policy is a key factor when it comes to choosing a VPN that can be trusted with your privacy, but there is another aspect that should be considered, particularly in the aftermath of the FCC’s latest move.
Are US VPNs secure?
After Edward Snowden revealed the extent of the surveillance programs of the NSA, it became clear that the anonymity and privacy that we once associated Internet with, were an illusion. Anyone could become a target of online spying and data is collected in a mass scale, meaning that even if you think that the authorities wouldn’t be interested on what you do on the internet, you are on their radar. In a world where terrorism has become a constant threat, the government have the perfect excuse to access anyone’s data by any means necessary. In the United States, the Stored Communications Act (SCA) allows the goverment to legally request ISPs to retain someone’s data for 180 days. Not only that, under the same Act, any company that is willing to hand over data to the government because they believe that it could help to prevent deaths, can do so.
In this scenario, companies in the US wouldn’t only respond to government’s requests because they have to, but they may even cooperate by choice. ISPs and major technology companies like Google, are very likely to work with the NSA and other government agencies. It is known that these companies will comply with government’s requests and will offer the necessary platforms to allow these agencies to monitor those who use their services. Unfortunately, the same could be said about VPN services based in the United States. As much as a provider wants to help its customers to keep their privacy protected, it will probably succumb eventually to legal requirements and will have to cooperate with the authorities whenever needed. Make no mistake, they won’t compromise their business only to keep your privacy safe.
The truth is that the United States is probably one of the worst locations for companies that offer privacy protection services. Although the country doesn’t have a mandatory data retention law, the Stored Communications Act that we previously referred to, states that any VPN or ISP that does retain data about its customers, has to hand it over to authorities, if required by law. In order to comply with requests from law enforcement, cooperate with copyright enforcers and avoid legal issues, many VPNs companies keep logs. This helps them to run their business without the headaches of potential lawsuits from copyright holders or the threat of US authorities raiding or monitoring their servers. The bottom line is that if you are concerned about the NSA or other US government getting access to your data, you should consider a VPN located outside the US. Providers like NordVPN (based in Panama) and PureVPN (based in Hong Kong) are good options that offer high quality services and they don’t keep logs that compromise your privacy.
The latest actions of the FCC are a low blow to privacy and open internet, and unfortunately, they show that the Trump administration is not giving cyber security the importance that it deserves. It seems like the security and privacy of internet users is the least of the concerns for the FCC. In order to get back control over your privacy, a VPN is a practical solution. Just make sure that you choose the right service and keep in mind the risks of choosing a VPN based in the United States.