[josteink]

Your argument for VPN tunnels in general makes sense, especially if you're on a hostile network, and that includes hostile ISPs you feel you can't trust.

Your argument for VPN services completely forgets that a VPN service in this regard is just another ISP.

How do you know you can trust this ISP any more than the one you're already using?

[hug]

A VPN service provider is not an ISP in the single way that is most important to me: In a "my government mandates that ISPs perform metadata collection" kind of way.

My ISP tells me that they do, indeed, operate legally and collect metadata. They tell me that they do, indeed, inject JS sometimes. They tell me that they do, indeed, reserve the right to resell my anonymised data for marketing purposes.

My VPN service provider tells me that they do none of these things, and in fact have been reported in the tech media for telling courts to kindly go fuck themselves when it comes to logging.

Who do I trust collects less data? Well, to be honest, I'm 100% certain that the ISP is doing the things it tells me it's doing. I'm not 100% certain that the VPN provider isn't doing things it tells me it's not, but it's a damn sight sure less than 100%.

And, y'know, despite all that rhetoric: The main thing I use my VPN provider for is to watch the US version of Netflix.

[kbart]

"How do you know you can trust this ISP any more than the one you're already using?"

Simple. For example, you live in a country where ISP's are allowed to do whatever they want (or forced to do what government/letter agencies wants), so if you value your privacy and data, you use VPN company that's based on a country where private data is respected and protected by law.

[tjoff]

Well, the opposite is quite common.

Your ISP has strong laws that require a court order for anyone to take a peek or identify you. Your VPN provider does not but can legally do whatever they want with your data. Mining, providing/selling personal information etc. (and they are equally forced to reveal everything asked for when faced with a court order).

The combination of using a service such as a VPN (drawing attention to your activities) with less legal protection is in my opinion the biggest arguments against using a VPN.

[kbart]

Yes, but it's much easier to choose/change VPN than ISP, because because VPN providers usually are not geographically bound as opposed to ISP where it's not uncommon to be stuck with single ISP available. Furthermore, if you have a reputable ISP and your traffic is not being filtered/snooped, there aren't many reasons to use VPN service at all.

[tjoff]

Yes, but these are points that are very seldom brought up at all in these contexts yet they are quite important.

[josteink]

And how can you know this VPN provider is not a honey-pot setup by the same forces/agencies you are trying to avoid?

[kbart]

If you are such a high-level target that these agencies went out of their way to setup honeypot for you, no VPN will save you anyway. But in realistic case, nobody is going to setup honeypots just to capture your porn search history.