FTC warns VPN apps might share your data with third parties

Originally published at: https://www.myce.com/news/ftc-warns-vpn-apps-might-share-data-third-parties-83788/

American Federal Trade Commission (FTC) warns users that VPN apps don’t provide full anonymity. On its website, the FTC provides several tips that should help users in picking a VPN app. It also explains what a VPN is and what purpose it serves.

Just like how the Government uses XP and gets hacked and now tells use to not trust VPN? hmmm…so whom do I not trust here more???

Actually, although I haven’t read the original FTC article, it sounds like what they’re saying is completely accurate. It doesn’t sound like they said “Don’t use any VPN services, they’re all bad.” Rather, they warned users to choose their VPN providers carefully, which is something I also advise people to do.

Never ever use a VPN service without at least reading their privacy policy. Consider reading their Terms of Service agreement as well. The spreadsheet made by ThatOnePrivacyGuy is also a great way to compare many VPN service providers side-by-side. You should also be aware of what’s running on your computer/phone/tablet, since, as the FTC warns, ALL of your programs will have their internet traffic routed through the VPN. I myself have made the mistake of leaving my e-mail client running when connecting to a VPN, thus earning myself a slap in my face (by my own hand, of course).

Also, there is another danger that this MyCE article doesn’t mention: your web browser itself. Web browsers leak a ridiculous quantity of data to web servers. This data can make it easy for malicious web servers (Facebook, Google, etc.) to distinguish you from other users. You’ll probably want to harden your browser against browser fingerprinting techniques. On top of which, there are many users who might not know to clear things like browser cookies, browsing history, etc. Did I mention that your browser can leak your IP address, as well as the IP addresses of you DNS servers? The former can be solved by disabling WebRTC and browser plugins, while the latter can be solved by setting up your operating system up to use either your VPN provider’s DNS servers, or using some public DNS servers, such as these. (BTW, you should never use your ISP’s default DNS servers while you use a VPN anyway, since doing so allows your ISP to watch which websites you visit.)

I’ve never really considered VPNs as being for ideal for privacy but rather security, such as the example of wanting to connect securely in an unprotected wifi hotspot and such. If anonymity was what someone wanted they’d need a host of other things to look into.