[JorgeGT]

I also run my VPN on a cheap VPS. Dedicated VPN companies can easily come under attack/scrutiny, or could have temptations of selling user data if subscribers fall, but I doubt anyone is monitoring individual, ephemeral DO droplets/AWS instances.

[sarsaparilla]

If you're the only user of your VPN, doesn't that make it pretty easy to trace your usage back to you? I would have thought that using a VPN Provider would assist privacy by making it hard to figure out which client initiated the any request coming out of the VPN node...

[JorgeGT]

A local adversary (in your network) can know that you're establishing a connection to a certain IP in another country, but they cannot know what that particular machine is accessing in turn. [This is my threat model, I use this in public WiFi].

And a remote adversary (who sees your VPS IP) cannot know who is, in turn, connected to that VPS, unless they can extract that information from the VPS provider via court order or hacking. [This is of more concern if you plan to do illegal things or are a dissident].

As always, you must model your threat scenario and proceed accordingly.

[sarsaparilla]

That's a fair analysis. I guess I was imagining something like a government. For example, the UK one would now be able to see that you're establishing a connection to your VPS IP. However, I don't know if they would then be able to see the connections from there to various hosts back in the UK.