Vice recently ran an article with the attention-grabbing headline, You Probably Don’t Need a VPN. The main problem with the article is that it confusingly conflates several separate issues.
The objections to using a VPN boil down to:
- It doesn’t really matter if your Internet access provider (ISP, etc.) see what sites you are connecting to because the actual connections themselves are encrypted. All ISPs can collect these days is metadata about who you connect to and when.
The objection that the only thing Internet access providers can collect is essentially browser history metadata seems absurd given how much we know about the value of that metadata. Many ISPs turn around and sell that metadata about their customers precisely because it has value.
I have little trust or faith in the Internet access providers that I use in the United States. There are essentially zero legal protection for consumers at the moment for how ISPs can use and sell that data. Even if there were, these providers themselves typically employ bottom of the barrel security practices (looking at you Breach-Mobile), and such data will likely be stolen if not sold at some point. - There are a lot of lousy VPN companies, many of which represent a potentially bigger data risk than your local Internet access provider.
There are a lot of lousy companies, period. The one cool trick that changes everything here is not to pick a terrible VPN company.
Pretty much the only VPN I recommend to ordinary people these days is ProtonVPN. Their basic $4/month plan will likely meet most people’s needs. Their VPN client is well-designed, and I trust their no-logs policy.
The other VPN I recommend is AirVPN, but not for casual users. In my opinion, if you want to do a lot of high-speed torrenting, AirVPN is the best option out there. Let’s just say in the last ten years, I’ve yet to receive a DMCA notice and leave it at that.