Does Your VPN Disclose Too Much About You
By: Jim Stickley and Tina Davis
January 8, 2020
Recent research finds 90% of Virtual Private Networks (VPNs) have privacy flaws. VPNs have long been an extra layer of security for sending and receiving data over public networks. But now, many VPN’s are found to be collecting too much data, putting hundreds of millions of fans and their personal information at risk. That’s unsettling news for those using free VPN’s and for those who purchase them from legitimate sources like Google Play Store and Apple App Store. Even worse, a deeper look into VPN’s finds 60% of the most popular free VPN’s available at these app stores are owned by companies and individuals in China. It’s a long-known fact that China has been secretly stealing private data and intellectual property from U.S. organizations and its citizens for many years. China has been creating VPNs despite the country’s strict ban on them, as well as having massive internet restrictions for their citizens.
Security researcher Simon Migliano blew the lid off nefarious VPNs. The use of VPNs has increased dramatically, with research showing in Q1 of 2018, the global use of VPNs or proxy servers at 26%. By last quarter of 2018, the number of users jumped to 30%. Migliano’s in-depth studies found some disturbing results, including a closer look at 150 VPNs for Android users. With over 500 million installs of these VPNs, 85% had privacy abuse issues. Those privacy issues involved invasive permissions or functions, something any app user should always be aware of. The study also found 18% of the VPNs tested positive for potential malware and other viruses. Almost seven in ten were categorized as “dangerous” by official Android documentation.
With privacy concerns always at the forefront of online life, Migliano’s research is cause for serious concern. The irony of using a VPN for added security only to find it may put your data in the hands of bad actors is now an unsettling truth. One VPN has a privacy policy that clearly states it collects browser type and history, time spent viewing a web page, including dates and times of browsing. That’s data most users don’t want collected. Still other VPN users may be shocked to know their trips to financial and other sensitive websites aren’t protected.
Continuing to use a VPN is an excellent choice, but there are steps users can take to minimize their data exposure. It starts by choosing the right VPN, and a free VPN may not be a good idea. Always use reputable sources for VPNs and carefully review the privacy policy before downloading. Privacy policies claiming they collect browsing and other data should be avoided. Pay close attention to requests for data access when downloading a VPN. It doesn’t need access to your camera or microphone and definitely doesn’t need administrator permissions. These security steps are necessary to avoid a risky VPN. No user wants a false sense of security, but educated, cyber-savvy users are always a step ahead of those who are not.