[niwork]

My main reason for using a proxy is to prevent my government from tracking and logging all my internet activity (when you look at the huge list of agencies the UK government has allowed access to that information you can see why).

I skimmed through this article but I don't think it addressed this use case. Sure, my VPN could be tracking me, but I have much more trust in Mozilla than I do any other internety company. This article seems to be arguing that because perfect browsing privacy isn't possible that you might as well not bother with any.

[Angostura]

I'm interested. I thought the proposed tracking and logging requirements on ISPs never made it through parliament. Do you have any details of the requirements and agencies with access?

[niwork]

Your comment made me look into this in further detail and you may be right; it seems the situation isn't as bad as it once was.

> in April 2018, when the high court found the government’s power to order private companies to store communications data, including internet history, to be in breach of citizens' right to privacy.

It seems the original proposal has been watered down and then challenged in court. I'm wondering if someone more knowledgable can chime in.

Still, I don't want some government agency to be able to pull my entire browsing history, now or in the future.

[emn13]

Also, the article makes the weird jump from the fact that it's possible a VPN provider might log you, and possible a government or similarly powerful entity might request those logs, and possible that they might then get them - to the idea that you therefore must assume that will happen.

Jumping through all kinds of administrative hurdles is still a hurdle, even for a government (in fact, in many ways - especially for a government!). A court may not force a VPN provider to hand over logs, and a a VPN provider may have little legal exposure in a country anyhow.

Even if a government somehow managed to get permission to see them, if a VPN provider doesn't have any (or none sufficiently detailed) it's pretty likely it will not suffer much for not having logs (especially given that various privacy laws might even make it illegal to keep unnecessary privacy-sensitive data floating around), and courts tend not to punish even illegal court-order violating behavior when the party was required to engage in that behavior (e.g. by law). If anything, that's a modicum of risk with a high potential reward (publicity here we come!)

And even if a VPN service maintains logs - what kind of logs? There are a lot packets floating around on a VPN, and storing metadata for every single one strikes me as a pretty excessive expense if there's no really good business case for it. Tying various incomplete logs together doesn't always reconstruct the whole story, so it's pretty plausible some logs may still contain less data than would be retrievable if you didn't use a VPN.

All in all it strikes me as invalid reasoning to assume that merely because it's possible a VPN might not keep traffic private that it will in practice leak said traffic. That does not appear to be the path of least resistance. So even if some UK government agency were to have the intent to track some of your traffic - a VPN might well prevent that or at least make it much more expensive (in both time and effort) for said agency to achieve that.

[lilsoso]

You are overlooking a jump that seems obvious to me and I have not seen anyone address before: if government intelligence agencies go to great lengths to spy on the world's internet traffic, why wouldn't they run, and promote, the top VPN companies themselves?

Therefore, shouldn't we expect at least some of the largest, cheapest, and most widely promoted VPNs to be secretly run by intelligence agencies?

[PowerBar]

Congratulations, you're now being tracked by the government of whichever country your VPN is proxy'ing your data to.

And that government also certainly has much less legal restrictions on tracking you since you're probably not their citizen. Unless you VPN to a node in your own country, in which case, they're just tracking you at a different exit point.

[jhardy54]

As a US resideny, I'd rather have Sweden able to introspect my traffic rather than the US.