In my book, I strongly advocate for everyone using something called a VPN (or a virtual private network). Using a VPN is sometimes necessary to gain access to certain US websites (Netflix, for example) when traveling outside of the US. However, and this is key: it's also required to help us maintain our online privacy.
The concept of having, let alone maintaining, online privacy is a crucial bedrock of our Democracy. In March of 2017, the Senate voted to allow U.S. internet service providers (also called "ISPs") to sell our browsing data without our consent. That vote now requires the participation of The House of Representatives before it becomes law, but the writing is on the wall: our privacy is, once again, under attack. This isn't a surprise to people who follow cybersecurity, like myself: our online privacy has been under attack for a long while now.
However, there's a simple, 100% legal and very affordable solution you can take -- right now -- to take back some of your privacy and stop making all of your public data so damn public: use a reputable VPN service. They usually cost about $5-7/month.
It works like this: when we use a VPN service, it routes our connection to the internet through their servers, masking our information from the outside world. What gets masked is our IP address — something like a computer ID number — and the websites that we visit. So it's kind of like surfing the internet with a Harry Potter cloak over us. Only in this metaphor, the bad guys would be the ISPs and the U.S. Government.
Now look: some of us might believe that, because we're not doing anything illegal online, that we have nothing to hide. The reasoning suggests that if we have nothing to hide, we don't need a VPN. I understand this way of thinking, even though I think it's incorrect. Consider this analogy: if you don't do anything illegal during a normal day, wouldn't you feel very uncomfortable if you knew that you were followed and watched wherever you went? Twenty-four hours a day? Day after day? If the answer to any of these questions was "yes", then you want a VPN.
“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”
— Edward Snowden
I, therefore, recommend a VPN service that cares about our privacy and can demonstrate that to us as the potential customers. But how do we, as the consumers, learn how to choose a reputable VPN service? Here are a few guidelines that I'd propose, based on the research I did for my book and for the series on security I'm currently writing for Medium. Choose a VPN that:
- doesn't keep logs on the websites that its customers visit
- isn't headquartered in the United States
- offers servers in 10+ countries
- is NOT a member of the 5, 9, or 14 eyes security agreement
- offers a connection with an encryption rating of at least "AES-256"
- offers a free trial and/or a money back guarantee after 15-30 days
- supports both Macs & PCs
There are a small group of providers that do a really good job of accomplishing these core principles. I'm a fan of the following VPN programs in this order:
NordVPN (in Panama)
Cactus VPN (in Moldova)
My Private Network (in Hong Kong)
Boleh VPN (in Seychelles)
IBVPN (in Gibraltar)
Click on ANY of the company names I've listed above to visit their websites and learn more. Please know that I'm an affiliate for each of these amazing companies. That means if you purchase a plan, I receive a small percentage of that sale as a "thank you tip" for recommending them. While it's not remotely enough to live on, I want to be transparent. I support them because they're the best at what they do.
Finally, one new entry to this list is a service that's 100% free. ProtonVPN does also offer paid subscriptions that entitle you to faster speed and more security options, but let's be honest: you can't beat free if you're pressed for cash and really want to up your security game. Proton VPN is engineered by the same Switzerland-based company that makes Proton Mail, one of the most secure email solutions in the world. It's worth checking out.
There are other companies I'm still examining and vetting but, for now, these six companies are all based on the best tech available, something you should confirm for yourself by doing a bit of homework.