As the cost and impact of data breaches, from Equifax to Cambridge Analytica, continues to make headline news, the idea of personal data privacy has moved to the forefront of mainstream thinking for the first time.
In the US, this was prompted by the Trump administration’s decision to repeal online privacy protections in 2017. As people realised that companies could now sell their personal information without permission, the attitude around privacy moved on from ‘I have nothing to hide’ to ‘I want to make sure my data is protected and managed responsibly’. As a result, worldwide VPN usage has continued to grow to the point that close to a quarter of internet users used a VPN during June 2018.
What is a VPN?
Put simply, a Virtual Private Network (VPN) service is designed to provide an additional layer of anonymity and security to your internet activity. By ‘tunnelling’ through their servers, your data will not only receive an additional layer of encryption, but your IP address will be masked. This hides your activity from marketers, your internet service provider and anyone else who may be looking to collect your information. VPN services can be used across all of your devices, including mobile.
When choosing between VPN services, one of the primary considerations should be the communication protocols they use, that is, the type of encryption used to protect your information when it is being transferred. While some protocols are considered to be outdated and others are only available through proprietary services, general consensus is that OpenVPN is one of the best and is used by open source and proprietary services alike.
But if you are using an open source protocol, is there any need to use a proprietary software?
What is an open source VPN?
One of the primary reasons that open source software is popular is because the source code is freely available to view and modify. This means it can be closely inspected to make sure there are no backdoors or weaknesses. In comparison, proprietary apps do not reveal their code, leaving the user forced to simply trust that their privacy is being protected.
Open source software is a popular option in many fields with experienced users, but can often require levels of manual setup that are extremely time consuming, making this option more complicated than the average user may like. Another issue is that you would still need to find a VPN provider. It is possible to create your own personal server, but it’s an even more advanced process that will require a large amount of troubleshooting – and any mistakes could ruin your chances of staying anonymous.
Are proprietary VPNs safer?
One of the key benefits of a proprietary VPN service is the simplicity. Quick to setup, easy to use and often cost-effective, paid services put a lot of emphasis on the user experience.
In addition, paid services may also include other safety option including location switching and kill switches to provide additional protection. These options may still be available on open source platforms, but will require additional work user to set up and maintain.
As demand for VPNs continues to grow, major online companies are starting to seek to capitalise on the increasing market, by either partnering with providers or providing their own solutions. Firefox and Google are both at different stages of developing their own VPN services. It remains to be seen if these services will push the market forward, or like Facebook’s Onavo, become another avenue for large companies to harvest user data.
The short-term future of VPN
As the use of VPN services becomes more mainstream and part of a standard security setup, there are increasing numbers of competing products and options for users. From understanding protocols to deciding which add-ons are essential, it can be confusing for a newcomer to maximise their safety.
In addition, as VPN services become more popular, the number of questions around the practicalities of services are arising. The use of a VPN to evade geo-blocking restrictions, for example, is a common benefit. But as use increases, services are less likely to be able to turn a blind eye. Netflix is now pushing back by blocking some IP addresses that originate from VPN servers.
One of the big promises that VPN services are judged on is being logless. That is, not collecting user data. Many users feel that if their data is being tracked, the fundamental anonymity promised by a VPN service has been compromised. While many services claim to be logless, the reality is that servers will still log data, even is the VPN company does not directly.
Logs are in many cases vital for maintaining the service, troubleshooting and applying data limits. But this does raise a question about whether VPNs in their current form will be able to meet consumer needs going forward. While there are many questions about the gap between what VPN promises and what it is able to deliver, ultimately, the future of these services will come down to trust.
Among ‘power’ users this is of great concern, and may see the use of open source options continue to grow and improve in quality. But without a another seismic change to the general public’s way of thinking, the majority will trust brands due to familiarity with the services they use, and this coupled with ease of use will see proprietary services continue to dominate the market.