| Great article for bringing across the basics and I do wholeheartedly agree that just because a VPN promises to do X it doesn’t necessarily have to do that and that the advertising is sometimes deceiving, but I don’t agree with everything OP said. > in theory, your ISP could keep a list of all domains you requested and based on that, they would have a pretty good understanding of what you were doing online I would argue that this is not theory but reality. In the EU you have the Data Retention Directive forcing telecoms to store metadata for a period of between 6 months and 2 years for example. [1] > With a VPN, all you end up doing is shifting the trust from one party to another. You are not gaining anything. I know this article is about commercial VPN’s but what if I run my own VPN? Then I do gain some privacy. I’m not saying to use a self hosted VPN and you’re good to go; a VPN in my opinion is a vital part to improve privacy but it’s just that, a single part. > what is your reasoning behind trusting an anonymous company [..] more than you trust your ISP, which is a big company with [..] something to lose? I’d argue that a VPN, even a commercial one is more trustworthy than my ISP, who doesn’t need to care if I trust them. It’s in the interest of my VPN to protect/delete my data if they say they do so. My ISP does not make that promise, quite the contrary actually. > if you pay for a VPN service, [..] your VPN account will be linked to your actual identity It’s entirely possible to pay for a commercial VPN anonymously, Mullvad for example offers the option of paying via cash that you physically mail them. [2] Many offer payment with crypto currencies. > Large commercial VPNs [..] make governmental surveillance easier. That’s not true and it’s what bothers me the most about this article. Why wouldn’t my government just get the data from my ISP? There are far less ISP’s than there are VPN’s. In Germany for example Telekom alone had around 18 Million customers in 2017 and Vodafone had another 10 Million. I’d assume strongly that you’d have to get to a lot of VPN providers to reach nearly 20 Million people. Personally I just assume that every request I make with my ISP’s DNS is known to my government. Another thing: a VPN can protect it’s user. In Germany for example it should be expected that when you torrent copyrighted content, like a movie, you’ll get a letter from a law agency like “Waldorf Frommer”. Those law agencies only purpose is to go after copyright infringement by connecting to the torrent swarm and logging IP’s. They then ask your ISP to hand over your address and a week later they’ll send you a letter asking for fines in the realm of €1k. [3] They sometimes go to court to collect those fines. Regardless of how you might feel about copyright infringement that is a valid use case where a VPN will protect it’s user. [1] - https://en.m.wikipedia.org/wiki/Data_retention [2] - https://mullvad.net/en/ [3] - https://www.heise.de/ct/artikel/Ignorance-isn-t-Bliss-Rights... |